use of javax.xml.stream.XMLResolver in project camel by apache.
the class StaxConverter method createXMLInputFactory.
/**
 * Creates a StAX input factory hardened against external entity (XXE) processing.
 *
 * <p>DTD support, entity-reference replacement and external-entity support are all
 * switched off through the {@code setProperty} helper. A resolver that always throws
 * is installed as well, so any resolution attempt that still reaches it aborts parsing.
 * NOTE(review): {@code setProperty} is defined elsewhere in this class. Whether it
 * tolerates a property the implementation does not support is not visible here; if it
 * does, the throwing resolver is the remaining safeguard.
 *
 * @param nsAware value applied to {@link XMLInputFactory#IS_NAMESPACE_AWARE}
 * @return the configured factory
 */
public static XMLInputFactory createXMLInputFactory(boolean nsAware) {
    final XMLInputFactory xif = XMLInputFactory.newInstance();

    setProperty(xif, XMLInputFactory.IS_NAMESPACE_AWARE, nsAware);
    // XXE hardening: no DTDs, no entity expansion, no external entities.
    setProperty(xif, XMLInputFactory.SUPPORT_DTD, Boolean.FALSE);
    setProperty(xif, XMLInputFactory.IS_REPLACING_ENTITY_REFERENCES, Boolean.FALSE);
    setProperty(xif, XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, Boolean.FALSE);

    // Refuse every entity lookup instead of fetching anything.
    final XMLResolver denyAll = new XMLResolver() {
        public Object resolveEntity(String publicID, String systemID, String baseURI, String namespace) throws XMLStreamException {
            throw new XMLStreamException("Reading external entities is disabled");
        }
    };
    xif.setXMLResolver(denyAll);

    if (!isWoodstox(xif)) {
        // Not Woodstox: hint that Woodstox may be the better factory to use.
        LOG.info("Created XMLInputFactory: {}. DOMSource/DOMResult may have issues with {}. We suggest using Woodstox.", xif, xif);
    } else {
        // Woodstox is the preferred implementation, so a debug line is enough.
        LOG.debug("Created Woodstox XMLInputFactory: {}", xif);
    }
    return xif;
}
use of javax.xml.stream.XMLResolver in project webservices-axiom by apache.
the class SJSXPDialect method disallowDoctypeDecl.
@Override
public XMLInputFactory disallowDoctypeDecl(XMLInputFactory factory) {
    // With SJSXP, SUPPORT_DTD=false suppresses the DTD event entirely, so a DOCTYPE
    // could not be detected and rejected. DTD support is therefore left enabled, and a
    // DOCTYPE is rejected in two places: the resolver below throws if the parser tries
    // to load the external subset, and the returned wrapper is expected to reject a
    // reported DTD event (its implementation is not visible here).
    final XMLResolver rejectDoctype = new XMLResolver() {
        @Override
        public Object resolveEntity(String publicID, String systemID, String baseURI, String namespace) throws XMLStreamException {
            throw new XMLStreamException("DOCTYPE is not allowed");
        }
    };

    factory.setProperty(XMLInputFactory.SUPPORT_DTD, Boolean.TRUE);
    // Entity replacement and external entities stay disabled even though DTDs are "supported".
    factory.setProperty(XMLInputFactory.IS_REPLACING_ENTITY_REFERENCES, Boolean.FALSE);
    factory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, Boolean.FALSE);
    factory.setXMLResolver(rejectDoctype);

    return new DisallowDoctypeDeclInputFactoryWrapper(factory);
}
use of javax.xml.stream.XMLResolver in project wildfly by wildfly.
the class WildFlyJobXmlResolver method init.
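/**
 * Initializes the state of an instance.
 *
 * <p>Registers the jobs reported by every {@code JobXmlResolver} found through
 * {@link ServiceLoader}, then parses each entry of {@code jobXmlFiles} to register its
 * job id. A job XML file that fails to parse is logged and skipped; it does not fail
 * the deployment.
 *
 * @param classLoader the class loader used for the service lookup and handed to the job parser
 */
private void init(final ClassLoader classLoader) {
    // Load the user defined resolvers
    for (JobXmlResolver resolver : ServiceLoader.load(JobXmlResolver.class, classLoader)) {
        jobXmlResolvers.add(resolver);
        for (String jobXml : resolver.getJobXmlNames(classLoader)) {
            addJob(jobXml, resolver.resolveJobName(jobXml, classLoader));
        }
    }
    // Load the default names
    for (Map.Entry<String, VirtualFile> entry : jobXmlFiles.entrySet()) {
        // try-with-resources closes the job XML stream on both the success and the failure
        // path; previously it was never closed here. The type is fully qualified because
        // the file's import block is not visible from this method.
        try (java.io.InputStream jobXmlStream = entry.getValue().openStream()) {
            // Parsing the entire job XML seems excessive to just get the job name. There are two reasons for this:
            // 1) If an error occurs during parsing there's no real need to consider this a valid job
            // 2) Using the implementation parser seems less error prone for future-proofing
            final Job job = JobParser.parseJob(jobXmlStream, classLoader, new XMLResolver() {
                // this is essentially what JBeret does, but it's ugly. JBeret might need an API to handle this
                @Override
                public Object resolveEntity(final String publicID, final String systemID, final String baseURI, final String namespace) throws XMLStreamException {
                    try {
                        // Only system IDs that name a known job XML file of this deployment are served.
                        // NOTE(review): under the StAX XMLResolver contract a null return lets the
                        // processor fall back to its default resolution mechanism, so unknown system
                        // IDs are only refused if the factory behind JobParser disables external
                        // entities. Confirm that in JobParser.
                        // NOTE(review): the stream returned here is handed to the parser; who closes
                        // it is not visible from this method.
                        return (jobXmlFiles.containsKey(systemID) ? jobXmlFiles.get(systemID).openStream() : null);
                    } catch (IOException e) {
                        throw new XMLStreamException(e);
                    }
                }
            });
            addJob(entry.getKey(), job.getId());
        } catch (XMLStreamException | IOException e) {
            // Report the possible error as we don't want to fail the deployment. The job may never be run.
            BatchLogger.LOGGER.invalidJobXmlFile(entry.getKey());
        }
    }
}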