Example 1 with DeployXmlPermission
use of org.apache.catalina.security.DeployXmlPermission in project tomcat70 by apache.
the class HostConfig method isDeployThisXML.
private boolean isDeployThisXML(File docBase, ContextName cn) {
boolean deployThisXML = isDeployXML();
if (Globals.IS_SECURITY_ENABLED && !deployThisXML) {
// When running under a SecurityManager, deployXML may be overridden
// on a per Context basis by the granting of a specific permission
Policy currentPolicy = Policy.getPolicy();
if (currentPolicy != null) {
URL contextRootUrl;
try {
contextRootUrl = docBase.toURI().toURL();
CodeSource cs = new CodeSource(contextRootUrl, (Certificate[]) null);
PermissionCollection pc = currentPolicy.getPermissions(cs);
Permission p = new DeployXmlPermission(cn.getBaseName());
if (pc.implies(p)) {
deployThisXML = true;
}
} catch (MalformedURLException e) {
// Should never happen
log.warn("hostConfig.docBaseUrlInvalid", e);
}
}
}
return deployThisXML;
}
Also used :
Policy(java.security.Policy)
PermissionCollection(java.security.PermissionCollection)
MalformedURLException(java.net.MalformedURLException)
Permission(java.security.Permission)
DeployXmlPermission(org.apache.catalina.security.DeployXmlPermission)
CodeSource(java.security.CodeSource)
DeployXmlPermission(org.apache.catalina.security.DeployXmlPermission)
URL(java.net.URL)
Certificate(java.security.cert.Certificate)
Example 2 with DeployXmlPermission
use of org.apache.catalina.security.DeployXmlPermission in project tomcat by apache.
the class HostConfig method isDeployThisXML.
private boolean isDeployThisXML(File docBase, ContextName cn) {
boolean deployThisXML = isDeployXML();
if (Globals.IS_SECURITY_ENABLED && !deployThisXML) {
// When running under a SecurityManager, deployXML may be overridden
// on a per Context basis by the granting of a specific permission
Policy currentPolicy = Policy.getPolicy();
if (currentPolicy != null) {
URL contextRootUrl;
try {
contextRootUrl = docBase.toURI().toURL();
CodeSource cs = new CodeSource(contextRootUrl, (Certificate[]) null);
PermissionCollection pc = currentPolicy.getPermissions(cs);
Permission p = new DeployXmlPermission(cn.getBaseName());
if (pc.implies(p)) {
deployThisXML = true;
}
} catch (MalformedURLException e) {
// Should never happen
log.warn(sm.getString("hostConfig.docBaseUrlInvalid"), e);
}
}
}
return deployThisXML;
}
Also used :
Policy(java.security.Policy)
PermissionCollection(java.security.PermissionCollection)
MalformedURLException(java.net.MalformedURLException)
Permission(java.security.Permission)
DeployXmlPermission(org.apache.catalina.security.DeployXmlPermission)
CodeSource(java.security.CodeSource)
DeployXmlPermission(org.apache.catalina.security.DeployXmlPermission)
URL(java.net.URL)
Certificate(java.security.cert.Certificate)
Aggregations
MalformedURLException (java.net.MalformedURLException)2
URL (java.net.URL)2
CodeSource (java.security.CodeSource)2
Permission (java.security.Permission)2
PermissionCollection (java.security.PermissionCollection)2
Policy (java.security.Policy)2
Certificate (java.security.cert.Certificate)2
DeployXmlPermission (org.apache.catalina.security.DeployXmlPermission)2
