use of java.security.PrivilegedExceptionAction in project cxf by apache.
the class ExtensionManagerImpl method load.
final synchronized void load(String resource, ClassLoader l) throws IOException {
Enumeration<URL> urls = l.getResources(resource);
while (urls.hasMoreElements()) {
final URL url = urls.nextElement();
InputStream is;
try {
is = AccessController.doPrivileged(new PrivilegedExceptionAction<InputStream>() {
public InputStream run() throws Exception {
return url.openStream();
}
});
} catch (PrivilegedActionException pae) {
throw (IOException) pae.getException();
}
try {
List<Extension> exts = new TextExtensionFragmentParser(loader).getExtensions(is);
for (Extension e : exts) {
if (loader != l) {
e.classloader = l;
}
if (!all.containsKey(e.getName())) {
all.put(e.getName(), e);
ordered.add(e);
}
}
} finally {
try {
is.close();
} catch (IOException ex) {
// ignore
}
}
}
}
use of java.security.PrivilegedExceptionAction in project Payara by payara.
the class RuntimeInfo method execute.
@Override
public void execute(AdminCommandContext context) {
report = context.getActionReport();
report.setActionExitCode(SUCCESS);
top = report.getTopMessagePart();
logger = context.getLogger();
boolean javaEnabledOnCmd = Boolean.parseBoolean(ctx.getArguments().getProperty("-debug"));
javaConfig = config.getJavaConfig();
jpdaEnabled = javaEnabledOnCmd || Boolean.parseBoolean(javaConfig.getDebugEnabled());
int debugPort = parsePort(javaConfig.getDebugOptions());
top.addProperty("debug", Boolean.toString(jpdaEnabled));
top.addProperty("debugPort", Integer.toString(debugPort));
final OperatingSystemMXBean osBean = (OperatingSystemMXBean) ManagementFactory.getOperatingSystemMXBean();
top.addProperty("os.arch", osBean.getArch());
top.addProperty("os.name", osBean.getName());
top.addProperty("os.version", osBean.getVersion());
top.addProperty("availableProcessorsCount", "" + osBean.getAvailableProcessors());
// also if we are not on a sun jdk, we will not return this attribute.
if (!OS.isAix()) {
try {
final Method jm = osBean.getClass().getMethod("getTotalPhysicalMemorySize");
AccessController.doPrivileged(new PrivilegedExceptionAction() {
public Object run() throws Exception {
if (!jm.isAccessible()) {
jm.setAccessible(true);
}
return null;
}
});
top.addProperty("totalPhysicalMemorySize", "" + jm.invoke(osBean));
} catch (Exception ex) {
logger.log(Level.SEVERE, null, ex);
}
}
RuntimeMXBean rmxb = ManagementFactory.getRuntimeMXBean();
top.addProperty("startTimeMillis", "" + rmxb.getStartTime());
top.addProperty("pid", "" + rmxb.getName());
checkDtrace();
setDasName();
top.addProperty("java.vm.name", System.getProperty("java.vm.name"));
// setRestartable();
reportMessage.append(Strings.get("runtime.info.debug", jpdaEnabled ? "enabled" : "not enabled"));
report.setMessage(reportMessage.toString());
}
use of java.security.PrivilegedExceptionAction in project Payara by payara.
the class EJBSecurityManager method invoke.
/**
* This method is similiar to the runMethod, except it keeps the
* semantics same as the one in reflection. On failure, if the
* exception is caused due to reflection, it returns the
* InvocationTargetException. This method is called from the
* containers for ejbTimeout, WebService and MDBs.
*
* @param beanClassMethod, the bean class method to be invoked
* @param isLocal, true if this invocation is through the local EJB view
* @param o the object on which this method is to be
* invoked in this case the ejb,
* @param oa the parameters for the method,
* @param c, the container instance
* can be a null value, where in the container will be queried to
* find its security manager.
* @return Object, the result of the execution of the method.
*/
public Object invoke(Method beanClassMethod, boolean isLocal, Object o, Object[] oa) throws Throwable {
final Method meth = beanClassMethod;
final Object obj = o;
final Object[] objArr = oa;
Object ret = null;
// see CR 6331550
if ((isLocal && this.getUsesCallerIdentity()) || System.getSecurityManager() == null) {
ret = this.runMethod(meth, obj, objArr);
} else {
PrivilegedExceptionAction pea = new PrivilegedExceptionAction() {
public Object run() throws Exception {
return meth.invoke(obj, objArr);
}
};
try {
ret = this.doAsPrivileged(pea);
} catch (PrivilegedActionException pae) {
Throwable cause = pae.getCause();
throw cause;
}
}
return ret;
}
use of java.security.PrivilegedExceptionAction in project Payara by payara.
the class SecurityUtil method execute.
/**
* Perform work as a particular <code>Subject</code>. Here the work
* will be granted to a <code>null</code> subject.
*
* @param method the method to apply the security restriction
* @param targetObject the <code>Servlet</code> on which the method will
* be called.
* @param targetArguments <code>Object</code> array contains the
* runtime parameters instance.
* @param principal the <code>Principal</code> to which the security
* privilege apply..
*/
private static void execute(final Method method, final Object targetObject, final Object[] targetArguments, Principal principal) throws java.lang.Exception {
try {
Subject subject = null;
PrivilegedExceptionAction<Void> pea = new PrivilegedExceptionAction<Void>() {
public Void run() throws Exception {
method.invoke(targetObject, targetArguments);
return null;
}
};
// The first argument is always the request object
if (targetArguments != null && targetArguments[0] instanceof HttpServletRequest) {
HttpServletRequest request = (HttpServletRequest) targetArguments[0];
boolean hasSubject = false;
HttpSession session = request.getSession(false);
if (session != null) {
subject = (Subject) session.getAttribute(Globals.SUBJECT_ATTR);
hasSubject = (subject != null);
}
if (subject == null) {
subject = new Subject();
if (principal != null) {
subject.getPrincipals().add(principal);
}
}
if (session != null && !hasSubject) {
session.setAttribute(Globals.SUBJECT_ATTR, subject);
}
}
Subject.doAsPrivileged(subject, pea, null);
} catch (PrivilegedActionException pe) {
Throwable e;
if (pe.getException() instanceof InvocationTargetException) {
e = ((InvocationTargetException) pe.getException()).getTargetException();
} else {
e = pe;
}
if (log.isLoggable(Level.FINE)) {
log.log(Level.FINE, LogFacade.PRIVILEGE_ACTION_EXCEPTION, e);
}
if (e instanceof UnavailableException)
throw (UnavailableException) e;
else if (e instanceof ServletException)
throw (ServletException) e;
else if (e instanceof IOException)
throw (IOException) e;
else if (e instanceof RuntimeException)
throw (RuntimeException) e;
else
throw new ServletException(e.getMessage(), e);
}
}
use of java.security.PrivilegedExceptionAction in project Payara by payara.
the class StandardWrapper method loadServletClass.
/*
* Loads the servlet class
*/
private synchronized void loadServletClass() throws ServletException {
if (servletClass != null) {
return;
}
// If this "servlet" is really a JSP file, get the right class.
String actualClass = servletClassName;
if (actualClass == null && jspFile != null) {
Wrapper jspWrapper = (Wrapper) ((Context) getParent()).findChild(JSP_SERVLET_NAME);
if (jspWrapper != null) {
actualClass = jspWrapper.getServletClassName();
// Merge init parameters
for (String paramName : jspWrapper.findInitParameters()) {
if (parameters.get(paramName) == null) {
parameters.put(paramName, jspWrapper.findInitParameter(paramName));
}
}
}
}
// Complain if no servlet class has been specified
if (actualClass == null) {
unavailable(null);
throw new ServletException(createMsg(NO_SERVLET_BE_SPECIFIED_EXCEPTION, getName()));
}
// environments
if (isJspServlet) {
parameters.putIfAbsent("compilerTargetVM", "1.8");
parameters.putIfAbsent("compilerSourceVM", "1.8");
}
// Acquire an instance of the class loader to be used
Loader loader = getLoader();
if (loader == null) {
unavailable(null);
throw new ServletException(createMsg(CANNOT_FIND_LOADER_EXCEPTION, getName()));
}
ClassLoader classLoader = loader.getClassLoader();
//
if (isContainerProvidedServlet(actualClass) && !((Context) getParent()).getPrivileged()) {
// If it is a priviledged context - using its own class loader will work, since it's a child of
// the container loader
classLoader = this.getClass().getClassLoader();
}
// Load the specified servlet class from the appropriate class loader
Class<?> clazz = null;
try {
if (isPackageProtectionEnabled()) {
final ClassLoader fclassLoader = classLoader;
final String factualClass = actualClass;
try {
clazz = AccessController.doPrivileged(new PrivilegedExceptionAction<Class>() {
public Class run() throws Exception {
if (fclassLoader != null) {
return fclassLoader.loadClass(factualClass);
} else {
return Class.forName(factualClass);
}
}
});
} catch (PrivilegedActionException pax) {
Exception ex = pax.getException();
if (ex instanceof ClassNotFoundException) {
throw (ClassNotFoundException) ex;
}
getServletContext().log(createMsg(ERROR_LOADING_INFO, fclassLoader, factualClass), ex);
}
} else {
if (classLoader != null) {
clazz = classLoader.loadClass(actualClass);
} else {
clazz = Class.forName(actualClass);
}
}
} catch (ClassNotFoundException e) {
unavailable(null);
getServletContext().log(createMsg(ERROR_LOADING_INFO, classLoader, actualClass), e);
throw new ServletException(createMsg(CANNOT_FIND_SERVLET_CLASS_EXCEPTION, actualClass), e);
}
if (clazz == null) {
unavailable(null);
throw new ServletException(createMsg(CANNOT_FIND_SERVLET_CLASS_EXCEPTION, actualClass));
}
servletClass = castToServletClass(clazz);
}
Aggregations