Cleaning up SecuritySupport. We no longer need both SecuritySupport and SecuritySupport12 because Xalan now only compiles and runs on J2SE 1.3 or higher. This allows us to tighten up this class even more.
diff --git a/src/org/apache/xalan/extensions/ObjectFactory.java b/src/org/apache/xalan/extensions/ObjectFactory.java
index 6942c90..8ceb6df 100755
--- a/src/org/apache/xalan/extensions/ObjectFactory.java
+++ b/src/org/apache/xalan/extensions/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xalan/extensions/SecuritySupport.java b/src/org/apache/xalan/extensions/SecuritySupport.java
index 86cd6d6..7e14e85 100755
--- a/src/org/apache/xalan/extensions/SecuritySupport.java
+++ b/src/org/apache/xalan/extensions/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xalan/extensions/SecuritySupport12.java b/src/org/apache/xalan/extensions/SecuritySupport12.java
deleted file mode 100755
index 910de1e..0000000
--- a/src/org/apache/xalan/extensions/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xalan.extensions;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xalan/lib/ObjectFactory.java b/src/org/apache/xalan/lib/ObjectFactory.java
index f44c4b4..60b8fd7 100755
--- a/src/org/apache/xalan/lib/ObjectFactory.java
+++ b/src/org/apache/xalan/lib/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xalan/lib/SecuritySupport.java b/src/org/apache/xalan/lib/SecuritySupport.java
index c0fcb53..2c55713 100755
--- a/src/org/apache/xalan/lib/SecuritySupport.java
+++ b/src/org/apache/xalan/lib/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xalan/lib/SecuritySupport12.java b/src/org/apache/xalan/lib/SecuritySupport12.java
deleted file mode 100755
index e143603..0000000
--- a/src/org/apache/xalan/lib/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xalan.lib;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xalan/lib/sql/ObjectFactory.java b/src/org/apache/xalan/lib/sql/ObjectFactory.java
index 760cdfe..78af488 100755
--- a/src/org/apache/xalan/lib/sql/ObjectFactory.java
+++ b/src/org/apache/xalan/lib/sql/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xalan/lib/sql/SecuritySupport.java b/src/org/apache/xalan/lib/sql/SecuritySupport.java
index 1de2695..a3d508d 100755
--- a/src/org/apache/xalan/lib/sql/SecuritySupport.java
+++ b/src/org/apache/xalan/lib/sql/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xalan/lib/sql/SecuritySupport12.java b/src/org/apache/xalan/lib/sql/SecuritySupport12.java
deleted file mode 100755
index 4ebb3e4..0000000
--- a/src/org/apache/xalan/lib/sql/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xalan.lib.sql;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xalan/xslt/ObjectFactory.java b/src/org/apache/xalan/xslt/ObjectFactory.java
index 25b64a4..2a661fc 100755
--- a/src/org/apache/xalan/xslt/ObjectFactory.java
+++ b/src/org/apache/xalan/xslt/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xalan/xslt/SecuritySupport.java b/src/org/apache/xalan/xslt/SecuritySupport.java
index 4c0fe82..7d9ae5d 100755
--- a/src/org/apache/xalan/xslt/SecuritySupport.java
+++ b/src/org/apache/xalan/xslt/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xalan/xslt/SecuritySupport12.java b/src/org/apache/xalan/xslt/SecuritySupport12.java
deleted file mode 100755
index 849b586..0000000
--- a/src/org/apache/xalan/xslt/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xalan.xslt;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xalan/xsltc/cmdline/ObjectFactory.java b/src/org/apache/xalan/xsltc/cmdline/ObjectFactory.java
index f3d5275..0e9225f 100755
--- a/src/org/apache/xalan/xsltc/cmdline/ObjectFactory.java
+++ b/src/org/apache/xalan/xsltc/cmdline/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xalan/xsltc/cmdline/SecuritySupport.java b/src/org/apache/xalan/xsltc/cmdline/SecuritySupport.java
index ce6df0c..b9e01d5 100755
--- a/src/org/apache/xalan/xsltc/cmdline/SecuritySupport.java
+++ b/src/org/apache/xalan/xsltc/cmdline/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xalan/xsltc/cmdline/SecuritySupport12.java b/src/org/apache/xalan/xsltc/cmdline/SecuritySupport12.java
deleted file mode 100755
index 9b9c5d1..0000000
--- a/src/org/apache/xalan/xsltc/cmdline/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xalan.xsltc.cmdline;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xalan/xsltc/compiler/ObjectFactory.java b/src/org/apache/xalan/xsltc/compiler/ObjectFactory.java
index 11d47b4..142dc2b 100755
--- a/src/org/apache/xalan/xsltc/compiler/ObjectFactory.java
+++ b/src/org/apache/xalan/xsltc/compiler/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xalan/xsltc/compiler/SecuritySupport.java b/src/org/apache/xalan/xsltc/compiler/SecuritySupport.java
index daf447c..e00b9e2 100755
--- a/src/org/apache/xalan/xsltc/compiler/SecuritySupport.java
+++ b/src/org/apache/xalan/xsltc/compiler/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xalan/xsltc/compiler/SecuritySupport12.java b/src/org/apache/xalan/xsltc/compiler/SecuritySupport12.java
deleted file mode 100755
index 6de3a6a..0000000
--- a/src/org/apache/xalan/xsltc/compiler/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xalan.xsltc.compiler;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xalan/xsltc/compiler/util/ObjectFactory.java b/src/org/apache/xalan/xsltc/compiler/util/ObjectFactory.java
index b5deef3..3a75252 100755
--- a/src/org/apache/xalan/xsltc/compiler/util/ObjectFactory.java
+++ b/src/org/apache/xalan/xsltc/compiler/util/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xalan/xsltc/compiler/util/SecuritySupport.java b/src/org/apache/xalan/xsltc/compiler/util/SecuritySupport.java
index c902dde..920721b 100755
--- a/src/org/apache/xalan/xsltc/compiler/util/SecuritySupport.java
+++ b/src/org/apache/xalan/xsltc/compiler/util/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xalan/xsltc/compiler/util/SecuritySupport12.java b/src/org/apache/xalan/xsltc/compiler/util/SecuritySupport12.java
deleted file mode 100755
index 304fb13..0000000
--- a/src/org/apache/xalan/xsltc/compiler/util/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xalan.xsltc.compiler.util;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xalan/xsltc/dom/ObjectFactory.java b/src/org/apache/xalan/xsltc/dom/ObjectFactory.java
index b29933f..8a7a43c 100755
--- a/src/org/apache/xalan/xsltc/dom/ObjectFactory.java
+++ b/src/org/apache/xalan/xsltc/dom/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xalan/xsltc/dom/SecuritySupport.java b/src/org/apache/xalan/xsltc/dom/SecuritySupport.java
index 3a5a0af..b5b9170 100755
--- a/src/org/apache/xalan/xsltc/dom/SecuritySupport.java
+++ b/src/org/apache/xalan/xsltc/dom/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xalan/xsltc/dom/SecuritySupport12.java b/src/org/apache/xalan/xsltc/dom/SecuritySupport12.java
deleted file mode 100755
index 773b5bc..0000000
--- a/src/org/apache/xalan/xsltc/dom/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xalan.xsltc.dom;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xalan/xsltc/runtime/ObjectFactory.java b/src/org/apache/xalan/xsltc/runtime/ObjectFactory.java
index 1b285b9..8fe5881 100755
--- a/src/org/apache/xalan/xsltc/runtime/ObjectFactory.java
+++ b/src/org/apache/xalan/xsltc/runtime/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xalan/xsltc/runtime/SecuritySupport.java b/src/org/apache/xalan/xsltc/runtime/SecuritySupport.java
index d32bf4d..3d653b6 100755
--- a/src/org/apache/xalan/xsltc/runtime/SecuritySupport.java
+++ b/src/org/apache/xalan/xsltc/runtime/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xalan/xsltc/runtime/SecuritySupport12.java b/src/org/apache/xalan/xsltc/runtime/SecuritySupport12.java
deleted file mode 100755
index 4e29c12..0000000
--- a/src/org/apache/xalan/xsltc/runtime/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xalan.xsltc.runtime;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xalan/xsltc/trax/ObjectFactory.java b/src/org/apache/xalan/xsltc/trax/ObjectFactory.java
index 39b65af..0fe55f1 100755
--- a/src/org/apache/xalan/xsltc/trax/ObjectFactory.java
+++ b/src/org/apache/xalan/xsltc/trax/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xalan/xsltc/trax/SecuritySupport.java b/src/org/apache/xalan/xsltc/trax/SecuritySupport.java
index 957411f..704fb15 100755
--- a/src/org/apache/xalan/xsltc/trax/SecuritySupport.java
+++ b/src/org/apache/xalan/xsltc/trax/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xalan/xsltc/trax/SecuritySupport12.java b/src/org/apache/xalan/xsltc/trax/SecuritySupport12.java
deleted file mode 100755
index 9f04695..0000000
--- a/src/org/apache/xalan/xsltc/trax/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xalan.xsltc.trax;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xml/dtm/ObjectFactory.java b/src/org/apache/xml/dtm/ObjectFactory.java
index 99b01ac..409bea2 100755
--- a/src/org/apache/xml/dtm/ObjectFactory.java
+++ b/src/org/apache/xml/dtm/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xml/dtm/SecuritySupport.java b/src/org/apache/xml/dtm/SecuritySupport.java
index ce6ae21..8fc0655 100644
--- a/src/org/apache/xml/dtm/SecuritySupport.java
+++ b/src/org/apache/xml/dtm/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xml/dtm/SecuritySupport12.java b/src/org/apache/xml/dtm/SecuritySupport12.java
deleted file mode 100644
index 8b18868..0000000
--- a/src/org/apache/xml/dtm/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xml.dtm;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xml/dtm/ref/ObjectFactory.java b/src/org/apache/xml/dtm/ref/ObjectFactory.java
index 6eae4f8..21ac46a 100755
--- a/src/org/apache/xml/dtm/ref/ObjectFactory.java
+++ b/src/org/apache/xml/dtm/ref/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xml/dtm/ref/SecuritySupport.java b/src/org/apache/xml/dtm/ref/SecuritySupport.java
index 815ea91..d172d1c 100755
--- a/src/org/apache/xml/dtm/ref/SecuritySupport.java
+++ b/src/org/apache/xml/dtm/ref/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xml/dtm/ref/SecuritySupport12.java b/src/org/apache/xml/dtm/ref/SecuritySupport12.java
deleted file mode 100755
index 3b85e88..0000000
--- a/src/org/apache/xml/dtm/ref/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xml.dtm.ref;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xml/serializer/Encodings.java b/src/org/apache/xml/serializer/Encodings.java
index 93490f4..00dd8ea 100644
--- a/src/org/apache/xml/serializer/Encodings.java
+++ b/src/org/apache/xml/serializer/Encodings.java
@@ -314,10 +314,8 @@
{
try
{
- final InputStream is;
-
- SecuritySupport ss = SecuritySupport.getInstance();
- is = ss.getResourceAsStream(ObjectFactory.findClassLoader(),
+ final InputStream is;
+ is = SecuritySupport.getResourceAsStream(ObjectFactory.findClassLoader(),
ENCODINGS_FILE);
Properties props = new Properties();
diff --git a/src/org/apache/xml/serializer/ObjectFactory.java b/src/org/apache/xml/serializer/ObjectFactory.java
index 18ee5a3..574692d 100755
--- a/src/org/apache/xml/serializer/ObjectFactory.java
+++ b/src/org/apache/xml/serializer/ObjectFactory.java
@@ -257,11 +257,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -279,11 +277,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -297,7 +295,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -310,14 +308,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -344,7 +342,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -392,12 +390,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -422,7 +418,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -437,7 +433,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -533,21 +529,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xml/serializer/SecuritySupport.java b/src/org/apache/xml/serializer/SecuritySupport.java
index 197bcac..37e6e70 100644
--- a/src/org/apache/xml/serializer/SecuritySupport.java
+++ b/src/org/apache/xml/serializer/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xml/serializer/SecuritySupport12.java b/src/org/apache/xml/serializer/SecuritySupport12.java
deleted file mode 100644
index f5febba..0000000
--- a/src/org/apache/xml/serializer/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xml.serializer;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xml/serializer/ToStream.java b/src/org/apache/xml/serializer/ToStream.java
index de5b2f8..9157954 100644
--- a/src/org/apache/xml/serializer/ToStream.java
+++ b/src/org/apache/xml/serializer/ToStream.java
@@ -108,8 +108,7 @@
private static final char[] s_systemLineSep;
static {
- SecuritySupport ss = SecuritySupport.getInstance();
- s_systemLineSep = ss.getSystemProperty("line.separator").toCharArray();
+ s_systemLineSep = SecuritySupport.getSystemProperty("line.separator").toCharArray();
}
/**
diff --git a/src/org/apache/xml/utils/ObjectFactory.java b/src/org/apache/xml/utils/ObjectFactory.java
index cd41234..189537c 100644
--- a/src/org/apache/xml/utils/ObjectFactory.java
+++ b/src/org/apache/xml/utils/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xml/utils/SecuritySupport.java b/src/org/apache/xml/utils/SecuritySupport.java
index eb0c1a6..8a2fb25 100644
--- a/src/org/apache/xml/utils/SecuritySupport.java
+++ b/src/org/apache/xml/utils/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xml/utils/SecuritySupport12.java b/src/org/apache/xml/utils/SecuritySupport12.java
deleted file mode 100644
index 86e10d9..0000000
--- a/src/org/apache/xml/utils/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xml.utils;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
diff --git a/src/org/apache/xpath/functions/FuncSystemProperty.java b/src/org/apache/xpath/functions/FuncSystemProperty.java
index 58aadf7..4d94a76 100644
--- a/src/org/apache/xpath/functions/FuncSystemProperty.java
+++ b/src/org/apache/xpath/functions/FuncSystemProperty.java
@@ -25,7 +25,6 @@
import java.util.Properties;
import org.apache.xpath.XPathContext;
-import org.apache.xpath.objects.XNumber;
import org.apache.xpath.objects.XObject;
import org.apache.xpath.objects.XString;
import org.apache.xpath.res.XPATHErrorResources;
@@ -165,10 +164,8 @@
{
try
{
- // Use SecuritySupport class to provide priveleged access to property file
- SecuritySupport ss = SecuritySupport.getInstance();
-
- InputStream is = ss.getResourceAsStream(ObjectFactory.findClassLoader(),
+ // Use SecuritySupport class to provide privileged access to property file
+ InputStream is = SecuritySupport.getResourceAsStream(ObjectFactory.findClassLoader(),
file);
// get a buffered version
diff --git a/src/org/apache/xpath/functions/ObjectFactory.java b/src/org/apache/xpath/functions/ObjectFactory.java
index dbd4073..36d6a23 100755
--- a/src/org/apache/xpath/functions/ObjectFactory.java
+++ b/src/org/apache/xpath/functions/ObjectFactory.java
@@ -258,11 +258,9 @@
String propertiesFilename,
String fallbackClassName)
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Use the system property first
try {
- String systemProp = ss.getSystemProperty(factoryId);
+ String systemProp = SecuritySupport.getSystemProperty(factoryId);
if (systemProp != null) {
debugPrintln("found system property, value=" + systemProp);
return systemProp;
@@ -280,11 +278,11 @@
File propertiesFile = null;
boolean propertiesFileExists = false;
try {
- String javah = ss.getSystemProperty("java.home");
+ String javah = SecuritySupport.getSystemProperty("java.home");
propertiesFilename = javah + File.separator +
"lib" + File.separator + DEFAULT_PROPERTIES_FILENAME;
propertiesFile = new File(propertiesFilename);
- propertiesFileExists = ss.getFileExists(propertiesFile);
+ propertiesFileExists = SecuritySupport.getFileExists(propertiesFile);
} catch (SecurityException e) {
// try again...
fLastModified = -1;
@@ -298,7 +296,7 @@
// file existed last time
if(fLastModified >= 0) {
if(propertiesFileExists &&
- (fLastModified < (fLastModified = ss.getLastModified(propertiesFile)))) {
+ (fLastModified < (fLastModified = SecuritySupport.getLastModified(propertiesFile)))) {
loadProperties = true;
} else {
// file has stopped existing...
@@ -311,14 +309,14 @@
// file has started to exist:
if(propertiesFileExists) {
loadProperties = true;
- fLastModified = ss.getLastModified(propertiesFile);
+ fLastModified = SecuritySupport.getLastModified(propertiesFile);
} // else, nothing's changed
}
if(loadProperties) {
// must never have attempted to read xalan.properties
// before (or it's outdeated)
fXalanProperties = new Properties();
- fis = ss.getFileInputStream(propertiesFile);
+ fis = SecuritySupport.getFileInputStream(propertiesFile);
fXalanProperties.load(fis);
}
} catch (Exception x) {
@@ -345,7 +343,7 @@
} else {
FileInputStream fis = null;
try {
- fis = ss.getFileInputStream(new File(propertiesFilename));
+ fis = SecuritySupport.getFileInputStream(new File(propertiesFilename));
Properties props = new Properties();
props.load(fis);
factoryClassName = props.getProperty(factoryId);
@@ -393,12 +391,10 @@
static ClassLoader findClassLoader()
throws ConfigurationError
{
- SecuritySupport ss = SecuritySupport.getInstance();
-
// Figure out which ClassLoader to use for loading the provider
// class. If there is a Context ClassLoader then use it.
- ClassLoader context = ss.getContextClassLoader();
- ClassLoader system = ss.getSystemClassLoader();
+ ClassLoader context = SecuritySupport.getContextClassLoader();
+ ClassLoader system = SecuritySupport.getSystemClassLoader();
ClassLoader chain = system;
while (true) {
@@ -423,7 +419,7 @@
if (chain == null) {
break;
}
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
}
// Assert: Current ClassLoader not in chain of
@@ -438,7 +434,7 @@
// Check for any extension ClassLoaders in chain up to
// boot ClassLoader
- chain = ss.getParentClassLoader(chain);
+ chain = SecuritySupport.getParentClassLoader(chain);
};
// Assert: Context ClassLoader not in chain of
@@ -534,21 +530,20 @@
*/
private static String findJarServiceProviderName(String factoryId)
{
- SecuritySupport ss = SecuritySupport.getInstance();
String serviceId = SERVICES_PATH + factoryId;
InputStream is = null;
// First try the Context ClassLoader
ClassLoader cl = findClassLoader();
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
// If no provider found then try the current ClassLoader
if (is == null) {
ClassLoader current = ObjectFactory.class.getClassLoader();
if (cl != current) {
cl = current;
- is = ss.getResourceAsStream(cl, serviceId);
+ is = SecuritySupport.getResourceAsStream(cl, serviceId);
}
}
diff --git a/src/org/apache/xpath/functions/SecuritySupport.java b/src/org/apache/xpath/functions/SecuritySupport.java
index 65aa647..fb6c9ce 100644
--- a/src/org/apache/xpath/functions/SecuritySupport.java
+++ b/src/org/apache/xpath/functions/SecuritySupport.java
@@ -25,99 +25,120 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
/**
* This class is duplicated for each Xalan-Java subpackage so keep it in sync.
* It is package private and therefore is not exposed as part of the Xalan-Java
* API.
*
- * Base class with security related methods that work on JDK 1.1.
+ * Security related methods that only work on J2SE 1.2 and newer.
*/
-class SecuritySupport {
+final class SecuritySupport {
- /*
- * Make this of type Object so that the verifier won't try to
- * prove its type, thus possibly trying to load the SecuritySupport12
- * class.
- */
- private static final Object securitySupport;
-
- static {
- SecuritySupport ss = null;
- try {
- Class c = Class.forName("java.security.AccessController");
- // if that worked, we're on 1.2.
- /*
- // don't reference the class explicitly so it doesn't
- // get dragged in accidentally.
- c = Class.forName("javax.mail.SecuritySupport12");
- Constructor cons = c.getConstructor(new Class[] { });
- ss = (SecuritySupport)cons.newInstance(new Object[] { });
- */
- /*
- * Unfortunately, we can't load the class using reflection
- * because the class is package private. And the class has
- * to be package private so the APIs aren't exposed to other
- * code that could use them to circumvent security. Thus,
- * we accept the risk that the direct reference might fail
- * on some JDK 1.1 JVMs, even though we would never execute
- * this code in such a case. Sigh...
- */
- ss = new SecuritySupport12();
- } catch (Exception ex) {
- // ignore it
- } finally {
- if (ss == null)
- ss = new SecuritySupport();
- securitySupport = ss;
- }
+ static ClassLoader getContextClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = Thread.currentThread().getContextClassLoader();
+ } catch (SecurityException ex) { }
+ return cl;
+ }
+ });
}
- /**
- * Return an appropriate instance of this class, depending on whether
- * we're on a JDK 1.1 or J2SE 1.2 (or later) system.
- */
- static SecuritySupport getInstance() {
- return (SecuritySupport)securitySupport;
+ static ClassLoader getSystemClassLoader() {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader cl = null;
+ try {
+ cl = ClassLoader.getSystemClassLoader();
+ } catch (SecurityException ex) {}
+ return cl;
+ }
+ });
}
- ClassLoader getContextClassLoader() {
- return null;
+ static ClassLoader getParentClassLoader(final ClassLoader cl) {
+ return (ClassLoader)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ ClassLoader parent = null;
+ try {
+ parent = cl.getParent();
+ } catch (SecurityException ex) {}
+
+ // eliminate loops in case of the boot
+ // ClassLoader returning itself as a parent
+ return (parent == cl) ? null : parent;
+ }
+ });
}
- ClassLoader getSystemClassLoader() {
- return null;
+ static String getSystemProperty(final String propName) {
+ return (String)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return System.getProperty(propName);
+ }
+ });
}
- ClassLoader getParentClassLoader(ClassLoader cl) {
- return null;
- }
-
- String getSystemProperty(String propName) {
- return System.getProperty(propName);
- }
-
- FileInputStream getFileInputStream(File file)
+ static FileInputStream getFileInputStream(final File file)
throws FileNotFoundException
{
- return new FileInputStream(file);
+ try {
+ return (FileInputStream)
+ AccessController.doPrivileged(new PrivilegedExceptionAction() {
+ public Object run() throws FileNotFoundException {
+ return new FileInputStream(file);
+ }
+ });
+ } catch (PrivilegedActionException e) {
+ throw (FileNotFoundException)e.getException();
+ }
}
- InputStream getResourceAsStream(ClassLoader cl, String name) {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
+ static InputStream getResourceAsStream(final ClassLoader cl,
+ final String name)
+ {
+ return (InputStream)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ InputStream ris;
+ if (cl == null) {
+ ris = ClassLoader.getSystemResourceAsStream(name);
+ } else {
+ ris = cl.getResourceAsStream(name);
+ }
+ return ris;
+ }
+ });
}
- boolean getFileExists(File f) {
- return f.exists();
+ static boolean getFileExists(final File f) {
+ return ((Boolean)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return f.exists() ? Boolean.TRUE : Boolean.FALSE;
+ }
+ })).booleanValue();
}
- long getLastModified(File f) {
- return f.lastModified();
- }
+ static long getLastModified(final File f) {
+ return ((Long)
+ AccessController.doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return new Long(f.lastModified());
+ }
+ })).longValue();
+ }
+
+ private SecuritySupport () {}
}
diff --git a/src/org/apache/xpath/functions/SecuritySupport12.java b/src/org/apache/xpath/functions/SecuritySupport12.java
deleted file mode 100644
index 5781695..0000000
--- a/src/org/apache/xpath/functions/SecuritySupport12.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-/*
- * $Id$
- */
-
-package org.apache.xpath.functions;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-
-/**
- * This class is duplicated for each Xalan-Java subpackage so keep it in sync.
- * It is package private and therefore is not exposed as part of the Xalan-Java
- * API.
- *
- * Security related methods that only work on J2SE 1.2 and newer.
- */
-class SecuritySupport12 extends SecuritySupport {
-
- ClassLoader getContextClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = Thread.currentThread().getContextClassLoader();
- } catch (SecurityException ex) { }
- return cl;
- }
- });
- }
-
- ClassLoader getSystemClassLoader() {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader cl = null;
- try {
- cl = ClassLoader.getSystemClassLoader();
- } catch (SecurityException ex) {}
- return cl;
- }
- });
- }
-
- ClassLoader getParentClassLoader(final ClassLoader cl) {
- return (ClassLoader)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- ClassLoader parent = null;
- try {
- parent = cl.getParent();
- } catch (SecurityException ex) {}
-
- // eliminate loops in case of the boot
- // ClassLoader returning itself as a parent
- return (parent == cl) ? null : parent;
- }
- });
- }
-
- String getSystemProperty(final String propName) {
- return (String)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return System.getProperty(propName);
- }
- });
- }
-
- FileInputStream getFileInputStream(final File file)
- throws FileNotFoundException
- {
- try {
- return (FileInputStream)
- AccessController.doPrivileged(new PrivilegedExceptionAction() {
- public Object run() throws FileNotFoundException {
- return new FileInputStream(file);
- }
- });
- } catch (PrivilegedActionException e) {
- throw (FileNotFoundException)e.getException();
- }
- }
-
- InputStream getResourceAsStream(final ClassLoader cl,
- final String name)
- {
- return (InputStream)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- InputStream ris;
- if (cl == null) {
- ris = ClassLoader.getSystemResourceAsStream(name);
- } else {
- ris = cl.getResourceAsStream(name);
- }
- return ris;
- }
- });
- }
-
- boolean getFileExists(final File f) {
- return ((Boolean)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return f.exists() ? Boolean.TRUE : Boolean.FALSE;
- }
- })).booleanValue();
- }
-
- long getLastModified(final File f) {
- return ((Long)
- AccessController.doPrivileged(new PrivilegedAction() {
- public Object run() {
- return new Long(f.lastModified());
- }
- })).longValue();
- }
-
-}
