@Override public void load() throws ClassNotFoundException, IOException { if (SecurityUtil.isPackageProtectionEnabled()){ try{ AccessController.doPrivileged( new PrivilegedDoLoad() ); } catch (PrivilegedActionException ex){ Exception exception = ex.getException(); if (exception instanceof ClassNotFoundException) { throw (ClassNotFoundException)exception; } else if (exception instanceof IOException) { throw (IOException)exception; } if (log.isDebugEnabled()) { log.debug("Unreported exception in load() ", exception); } } } else { doLoad(); } }
/** * Remove this Session from the active Sessions for this Manager, * and from the Store. * * @param id Session's id to be removed */ protected void removeSession(String id){ try { if (SecurityUtil.isPackageProtectionEnabled()){ try{ AccessController.doPrivileged(new PrivilegedStoreRemove(id)); }catch(PrivilegedActionException ex){ Exception exception = ex.getException(); log.error("Exception in the Store during removeSession: " + exception, exception); } } else { store.remove(id); } } catch (IOException e) { log.error("Exception removing session " + e.getMessage(), e); } }
/** * Return the <code>HttpSession</code> for which this object * is the facade. */ @Override public HttpSession getSession() { if (facade == null){ if (SecurityUtil.isPackageProtectionEnabled()){ final StandardSession fsession = this; facade = AccessController.doPrivileged( new PrivilegedAction<StandardSessionFacade>(){ @Override public StandardSessionFacade run(){ return new StandardSessionFacade(fsession); } }); } else { facade = new StandardSessionFacade(this); } } return (facade); }
/** * Clear all sessions from the Store. */ public void clearStore() { if (store == null) return; try { if (SecurityUtil.isPackageProtectionEnabled()){ try{ AccessController.doPrivileged(new PrivilegedStoreClear()); }catch(PrivilegedActionException ex){ Exception exception = ex.getException(); log.error("Exception clearing the Store: " + exception, exception); } } else { store.clear(); } } catch (IOException e) { log.error("Exception clearing the Store: " + e, e); } }
public StringBuffer generateCookieString(final Cookie cookie) { final StringBuffer sb = new StringBuffer(); //web application code can receive a IllegalArgumentException //from the appendCookieValue invocation if (SecurityUtil.isPackageProtectionEnabled()) { AccessController.doPrivileged(new PrivilegedAction<Void>() { @Override public Void run(){ ServerCookie.appendCookieValue (sb, cookie.getVersion(), cookie.getName(), cookie.getValue(), cookie.getPath(), cookie.getDomain(), cookie.getComment(), cookie.getMaxAge(), cookie.getSecure(), cookie.isHttpOnly()); return null; } }); } else { ServerCookie.appendCookieValue (sb, cookie.getVersion(), cookie.getName(), cookie.getValue(), cookie.getPath(), cookie.getDomain(), cookie.getComment(), cookie.getMaxAge(), cookie.getSecure(), cookie.isHttpOnly()); } return sb; }
@Override @SuppressWarnings("unchecked") // doPrivileged() returns the correct type public <T extends Servlet> T createServlet(Class<T> c) throws ServletException { if (SecurityUtil.isPackageProtectionEnabled()) { try { return (T) invokeMethod(context, "createServlet", new Object[] { c }); } catch (Throwable t) { ExceptionUtils.handleThrowable(t); if (t instanceof ServletException) { throw (ServletException) t; } return null; } } else { return context.createServlet(c); } }
/** * @deprecated As of Java Servlet API 2.1, with no direct replacement. */ @Override @Deprecated public Servlet getServlet(String name) throws ServletException { if (SecurityUtil.isPackageProtectionEnabled()) { try { return (Servlet) invokeMethod(context, "getServlet", new Object[]{name}); } catch (Throwable t) { ExceptionUtils.handleThrowable(t); if (t instanceof ServletException) { throw (ServletException) t; } return null; } } else { return context.getServlet(name); } }
@Override public String[] getParameterValues(String name) { if (request == null) { throw new IllegalStateException(sm.getString("requestFacade.nullRequest")); } String[] ret = null; /* * Clone the returned array only if there is a security manager in * place, so that performance won't suffer in the non-secure case */ if (SecurityUtil.isPackageProtectionEnabled()) { ret = AccessController.doPrivileged(new GetParameterValuePrivilegedAction(name)); if (ret != null) { ret = ret.clone(); } } else { ret = request.getParameterValues(name); } return ret; }
@Override @SuppressWarnings("unchecked") // doPrivileged() returns the correct type public <T extends Servlet> T createServlet(Class<T> c) throws ServletException { if (SecurityUtil.isPackageProtectionEnabled()) { try { return (T) invokeMethod(context, "createServlet", new Object[]{c}); } catch (Throwable t) { ExceptionUtils.handleThrowable(t); if (t instanceof ServletException) { throw (ServletException) t; } return null; } } else { return context.createServlet(c); } }
@Override @SuppressWarnings("unchecked") // doPrivileged() returns the correct type public <T extends Filter> T createFilter(Class<T> c) throws ServletException { if (SecurityUtil.isPackageProtectionEnabled()) { try { return (T) invokeMethod(context, "createFilter", new Object[]{c}); } catch (Throwable t) { ExceptionUtils.handleThrowable(t); if (t instanceof ServletException) { throw (ServletException) t; } return null; } } else { return context.createFilter(c); } }
@Override @SuppressWarnings("unchecked") // doPrivileged() returns the correct type public <T extends EventListener> T createListener(Class<T> c) throws ServletException { if (SecurityUtil.isPackageProtectionEnabled()) { try { return (T) invokeMethod(context, "createListener", new Object[]{c}); } catch (Throwable t) { ExceptionUtils.handleThrowable(t); if (t instanceof ServletException) { throw (ServletException) t; } return null; } } else { return context.createListener(c); } }
@Override public Cookie[] getCookies() { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } Cookie[] ret = null; /* * Clone the returned array only if there is a security manager * in place, so that performance won't suffer in the non-secure case */ if (SecurityUtil.isPackageProtectionEnabled()){ ret = AccessController.doPrivileged( new GetCookiesPrivilegedAction()); if (ret != null) { ret = ret.clone(); } } else { ret = request.getCookies(); } return ret; }
/** * Clear all sessions from the Store. */ public void clearStore() { if (store == null) return; try { if (SecurityUtil.isPackageProtectionEnabled()) { try { AccessController.doPrivileged(new PrivilegedStoreClear()); } catch (PrivilegedActionException ex) { Exception exception = ex.getException(); log.error("Exception clearing the Store: " + exception, exception); } } else { store.clear(); } } catch (IOException e) { log.error("Exception clearing the Store: " + e, e); } }
/** * Remove this Session from the active Sessions for this Manager, * and from the Store. * * @param id Session's id to be removed */ protected void removeSession(String id){ try { if (SecurityUtil.isPackageProtectionEnabled()){ try{ AccessController.doPrivileged(new PrivilegedStoreRemove(id)); }catch(PrivilegedActionException ex){ Exception exception = ex.getException(); log.error("Exception in the Store during removeSession: " + exception); exception.printStackTrace(); } } else { store.remove(id); } } catch (IOException e) { log.error("Exception removing session " + e.getMessage()); e.printStackTrace(); } }
/** * Return the <code>HttpSession</code> for which this object * is the facade. */ public HttpSession getSession() { if (facade == null){ if (SecurityUtil.isPackageProtectionEnabled()){ final StandardSession fsession = this; facade = (StandardSessionFacade)AccessController.doPrivileged(new PrivilegedAction(){ public Object run(){ return new StandardSessionFacade(fsession); } }); } else { facade = new StandardSessionFacade(this); } } return (facade); }
/** * Release the Filter instance associated with this FilterConfig, * if there is one. */ void release() { if (this.filter != null) { if (Globals.IS_SECURITY_ENABLED) { try { SecurityUtil.doAsPrivilege("destroy", filter); } catch(java.lang.Exception ex){ context.getLogger().error("ApplicationFilterConfig.doAsPrivilege", ex); } SecurityUtil.remove(filter); } else { filter.destroy(); } if (!context.getIgnoreAnnotations()) { try { ((StandardContext) context).getInstanceManager().destroyInstance(this.filter); } catch (Exception e) { context.getLogger().error("ApplicationFilterConfig.preDestroy", e); } } } this.filter = null; }
/** * Executes the method of the specified <code>ApplicationContext</code> * @param method The method object to be invoked. * @param context The AppliationContext object on which the method * will be invoked * @param params The arguments passed to the called method. */ private Object executeMethod(final Method method, final ApplicationContext context, final Object[] params) throws PrivilegedActionException, IllegalAccessException, InvocationTargetException { if (SecurityUtil.isPackageProtectionEnabled()){ return AccessController.doPrivileged(new PrivilegedExceptionAction(){ public Object run() throws IllegalAccessException, InvocationTargetException{ return method.invoke(context, params); } }); } else { return method.invoke(context, params); } }
/** * @deprecated As of Java Servlet API 2.1, with no direct replacement. */ @Override @SuppressWarnings("unchecked") // doPrivileged() returns the correct type @Deprecated public Enumeration<String> getServletNames() { if (SecurityUtil.isPackageProtectionEnabled()) { return (Enumeration<String>) doPrivileged("getServletNames", null); } else { return context.getServletNames(); } }
@Override public int available() throws IOException { if (SecurityUtil.isPackageProtectionEnabled()){ try{ Integer result = AccessController.doPrivileged( new PrivilegedExceptionAction<Integer>(){ @Override public Integer run() throws IOException{ Integer integer = Integer.valueOf(ib.available()); return integer; } }); return result.intValue(); } catch(PrivilegedActionException pae){ Exception e = pae.getException(); if (e instanceof IOException){ throw (IOException)e; } else { throw new RuntimeException(e.getMessage(), e); } } } else { return ib.available(); } }
@Override @SuppressWarnings("unchecked") // doPrivileged() returns the correct type public Map<String, ? extends ServletRegistration> getServletRegistrations() { if (SecurityUtil.isPackageProtectionEnabled()) { return (Map<String, ? extends ServletRegistration>) doPrivileged( "getServletRegistrations", null); } else { return context.getServletRegistrations(); } }
@Override public void setContentType(String type) { if (isCommitted()) { return; } if (SecurityUtil.isPackageProtectionEnabled()){ AccessController.doPrivileged(new SetContentTypePrivilegedAction(type)); } else { response.setContentType(type); } }
@Override public void flushBuffer() throws IOException { if (isFinished()) { // throw new IllegalStateException // (/*sm.getString("responseFacade.finished")*/); return; } if (SecurityUtil.isPackageProtectionEnabled()){ try{ AccessController.doPrivileged( new PrivilegedExceptionAction<Void>(){ @Override public Void run() throws IOException{ response.setAppCommitted(true); response.flushBuffer(); return null; } }); } catch(PrivilegedActionException e){ Exception ex = e.getException(); if (ex instanceof IOException){ throw (IOException)ex; } } } else { response.setAppCommitted(true); response.flushBuffer(); } }
@Override public int read() throws IOException { if (SecurityUtil.isPackageProtectionEnabled()){ try{ Integer result = AccessController.doPrivileged( new PrivilegedExceptionAction<Integer>(){ @Override public Integer run() throws IOException{ Integer integer = Integer.valueOf(ib.readByte()); return integer; } }); return result.intValue(); } catch(PrivilegedActionException pae){ Exception e = pae.getException(); if (e instanceof IOException){ throw (IOException)e; } else { throw new RuntimeException(e.getMessage(), e); } } } else { return ib.readByte(); } }
@Override public RequestDispatcher getNamedDispatcher(String name) { if (SecurityUtil.isPackageProtectionEnabled()) { return (RequestDispatcher) doPrivileged("getNamedDispatcher", new Object[]{name}); } else { return context.getNamedDispatcher(name); } }
@Override public int read(final byte[] b) throws IOException { if (SecurityUtil.isPackageProtectionEnabled()){ try{ Integer result = AccessController.doPrivileged( new PrivilegedExceptionAction<Integer>(){ @Override public Integer run() throws IOException{ Integer integer = Integer.valueOf(ib.read(b, 0, b.length)); return integer; } }); return result.intValue(); } catch(PrivilegedActionException pae){ Exception e = pae.getException(); if (e instanceof IOException){ throw (IOException)e; } else { throw new RuntimeException(e.getMessage() ,e); } } } else { return ib.read(b, 0, b.length); } }
@Override public void declareRoles(String... roleNames) { if (SecurityUtil.isPackageProtectionEnabled()) { doPrivileged("declareRoles", new Object[] { roleNames }); } else { context.declareRoles(roleNames); } }
@Override public HttpSession getSession(boolean create) { if (request == null) { throw new IllegalStateException( sm.getString("requestFacade.nullRequest")); } if (SecurityUtil.isPackageProtectionEnabled()){ return AccessController. doPrivileged(new GetSessionPrivilegedAction(create)); } else { return request.getSession(create); } }
@Override public String getMimeType(String file) { if (SecurityUtil.isPackageProtectionEnabled()) { return (String)doPrivileged("getMimeType", new Object[]{file}); } else { return context.getMimeType(file); } }
@Override @SuppressWarnings("unchecked") // doPrivileged() returns the correct type public Set<String> getResourcePaths(String path) { if (SecurityUtil.isPackageProtectionEnabled()){ return (Set<String>)doPrivileged("getResourcePaths", new Object[]{path}); } else { return context.getResourcePaths(path); } }
@Override public InputStream getResourceAsStream(String path) { if (SecurityUtil.isPackageProtectionEnabled()) { return (InputStream) doPrivileged("getResourceAsStream", new Object[]{path}); } else { return context.getResourceAsStream(path); } }
@Override public RequestDispatcher getRequestDispatcher(final String path) { if (SecurityUtil.isPackageProtectionEnabled()) { return (RequestDispatcher) doPrivileged("getRequestDispatcher", new Object[]{path}); } else { return context.getRequestDispatcher(path); } }
public Object getAttribute(String name) { if (SecurityUtil.isPackageProtectionEnabled()) { return doPrivileged("getAttribute", new Object[]{name}); } else { return context.getAttribute(name); } }
/** * @deprecated As of Java Servlet API 2.1, with no direct replacement. */ @Override @SuppressWarnings("unchecked") // doPrivileged() returns the correct type @Deprecated public Enumeration<Servlet> getServlets() { if (SecurityUtil.isPackageProtectionEnabled()) { return (Enumeration<Servlet>) doPrivileged("getServlets", null); } else { return context.getServlets(); } }
@Override public void log(String msg) { if (SecurityUtil.isPackageProtectionEnabled()) { doPrivileged("log", new Object[]{msg} ); } else { context.log(msg); } }
@Override public void setSessionTrackingModes(Set<SessionTrackingMode> sessionTrackingModes) { if (SecurityUtil.isPackageProtectionEnabled()) { doPrivileged("setSessionTrackingModes", new Object[] { sessionTrackingModes }); } else { context.setSessionTrackingModes(sessionTrackingModes); } }
@Override public void addListener(String className) { if (SecurityUtil.isPackageProtectionEnabled()) { doPrivileged("addListener", new Object[]{className}); } else { context.addListener(className); } }
