use of java.security.CodeSource in project poi by apache.
the class OOXMLLite method getLoadedClasses.
/**
*
* @param ptrn the pattern to filter output
* @return the classes loaded by the system class loader keyed by class name
*/
@SuppressWarnings("unchecked")
private static Map<String, Class<?>> getLoadedClasses(String ptrn) {
// make the field accessible, we defer this from static initialization to here to
// allow JDKs which do not have this field (e.g. IBM JDK) to at least load the class
// without failing, see https://issues.apache.org/bugzilla/show_bug.cgi?id=56550
final Field _classes = AccessController.doPrivileged(new PrivilegedAction<Field>() {
@SuppressForbidden("TODO: Reflection works until Java 8 on Oracle/Sun JDKs, but breaks afterwards (different classloader types, access checks)")
public Field run() {
try {
Field fld = ClassLoader.class.getDeclaredField("classes");
fld.setAccessible(true);
return fld;
} catch (Exception e) {
throw new RuntimeException(e);
}
}
});
ClassLoader appLoader = ClassLoader.getSystemClassLoader();
try {
Vector<Class<?>> classes = (Vector<Class<?>>) _classes.get(appLoader);
Map<String, Class<?>> map = new HashMap<String, Class<?>>();
for (Class<?> cls : classes) {
// e.g. proxy-classes, ...
ProtectionDomain pd = cls.getProtectionDomain();
if (pd == null)
continue;
CodeSource cs = pd.getCodeSource();
if (cs == null)
continue;
URL loc = cs.getLocation();
if (loc == null)
continue;
String jar = loc.toString();
if (jar.contains(ptrn)) {
map.put(cls.getName(), cls);
}
}
return map;
} catch (IllegalAccessException e) {
throw new RuntimeException(e);
}
}
use of java.security.CodeSource in project sling by apache.
the class JspRuntimeContext method initSecurity.
// -------------------------------------------------------- Private Methods
/**
* Method used to initialize SecurityManager data.
*/
private void initSecurity() {
// Setup the PermissionCollection for this web app context
// based on the permissions configured for the root of the
// web app context directory, then add a file read permission
// for that directory.
Policy policy = Policy.getPolicy();
if (policy != null) {
try {
// Get the permissions for the web app context
String docBase = context.getRealPath("/");
if (docBase == null) {
docBase = options.getScratchDir().toString();
}
String codeBase = docBase;
if (!codeBase.endsWith(File.separator)) {
codeBase = codeBase + File.separator;
}
File contextDir = new File(codeBase);
URL url = contextDir.getCanonicalFile().toURL();
final CodeSource codeSource = new CodeSource(url, (Certificate[]) null);
permissionCollection = policy.getPermissions(codeSource);
// Create a file read permission for web app context directory
if (!docBase.endsWith(File.separator)) {
permissionCollection.add(new FilePermission(docBase, "read"));
docBase = docBase + File.separator;
} else {
permissionCollection.add(new FilePermission(docBase.substring(0, docBase.length() - 1), "read"));
}
docBase = docBase + "-";
permissionCollection.add(new FilePermission(docBase, "read"));
// Create a file read permission for web app tempdir (work)
// directory
String workDir = options.getScratchDir().toString();
if (!workDir.endsWith(File.separator)) {
permissionCollection.add(new FilePermission(workDir, "read"));
workDir = workDir + File.separator;
}
workDir = workDir + "-";
permissionCollection.add(new FilePermission(workDir, "read"));
// Allow the JSP to access org.apache.sling.scripting.jsp.jasper.runtime.HttpJspBase
permissionCollection.add(new RuntimePermission("accessClassInPackage.org.apache.jasper.runtime"));
} catch (final Exception e) {
context.log("Security Init for context failed", e);
}
}
}
use of java.security.CodeSource in project Lucee by lucee.
the class CFMLEngineImpl method deployBundledExtensionZip.
private void deployBundledExtensionZip(ConfigServerImpl cs) {
Resource dir = cs.getLocalExtensionProviderDirectory();
List<ExtensionDefintion> existing = DeployHandler.getLocalExtensions(cs);
String sub = "extensions/";
// MUST this does not work on windows! we need to add an index
ZipEntry entry;
ZipInputStream zis = null;
try {
CodeSource src = CFMLEngineFactory.class.getProtectionDomain().getCodeSource();
if (src == null)
return;
URL loc = src.getLocation();
zis = new ZipInputStream(loc.openStream());
String path, name;
int index;
Resource temp;
RHExtension rhe;
Iterator<ExtensionDefintion> it;
ExtensionDefintion exist;
while ((entry = zis.getNextEntry()) != null) {
path = entry.getName();
if (path.startsWith(sub) && path.endsWith(".lex")) {
// ignore non lex files or file from else where
index = path.lastIndexOf('/') + 1;
if (index == sub.length()) {
// ignore sub directories
name = path.substring(index);
temp = null;
try {
temp = SystemUtil.getTempDirectory().getRealResource(name);
ResourceUtil.touch(temp);
Util.copy(zis, temp.getOutputStream(), false, true);
rhe = new RHExtension(cs, temp, false);
boolean alreadyExists = false;
it = existing.iterator();
while (it.hasNext()) {
exist = it.next();
if (exist.equals(rhe)) {
alreadyExists = true;
break;
}
}
if (!alreadyExists) {
temp.moveTo(dir.getRealResource(name));
}
} finally {
if (temp != null && temp.exists())
temp.delete();
}
}
}
zis.closeEntry();
}
} catch (Throwable t) {
// TODO log this
ExceptionUtil.rethrowIfNecessary(t);
} finally {
Util.closeEL(zis);
}
return;
}
use of java.security.CodeSource in project kernel by exoplatform.
the class AbstractSecureCollectionsTest method doActionWithPermissions.
/**
* Run privileged action with given privileges.
*/
protected <T> T doActionWithPermissions(PrivilegedExceptionAction<T> action, Permission... permissions) throws PrivilegedActionException {
Permissions allPermissions = new Permissions();
for (Permission permission : permissions) {
if (permission != null) {
allPermissions.add(permission);
}
}
ProtectionDomain[] protectionDomains = new ProtectionDomain[] { new ProtectionDomain(new CodeSource(getCodeSource(), (java.security.cert.Certificate[]) null), allPermissions) };
return AccessController.doPrivileged(action, new AccessControlContext(protectionDomains));
}
use of java.security.CodeSource in project Payara by payara.
the class Launcher method createArchive.
protected final Archive createArchive() throws Exception {
ProtectionDomain protectionDomain = getClass().getProtectionDomain();
CodeSource codeSource = protectionDomain.getCodeSource();
URI location = (codeSource == null ? null : codeSource.getLocation().toURI());
String path = (location == null ? null : location.getSchemeSpecificPart());
if (path == null) {
throw new IllegalStateException("Unable to determine code source archive");
}
File root = new File(path);
if (!root.exists()) {
throw new IllegalStateException("Unable to determine code source archive from " + root);
}
return new JarFileArchive(root);
}
Aggregations