use of org.apache.tomcat.util.security.PrivilegedGetTccl in project tomcat by apache.
the class JspDocumentParser method getSAXParser.
/*
* Gets SAXParser.
*
* @param validating Indicates whether the requested SAXParser should
* be validating
* @param jspDocParser The JSP document parser
*
* @return The SAXParser
*/
private static SAXParser getSAXParser(boolean validating, JspDocumentParser jspDocParser) throws Exception {
ClassLoader original;
if (Constants.IS_SECURITY_ENABLED) {
PrivilegedGetTccl pa = new PrivilegedGetTccl();
original = AccessController.doPrivileged(pa);
} else {
original = Thread.currentThread().getContextClassLoader();
}
try {
if (Constants.IS_SECURITY_ENABLED) {
PrivilegedSetTccl pa = new PrivilegedSetTccl(JspDocumentParser.class.getClassLoader());
AccessController.doPrivileged(pa);
} else {
Thread.currentThread().setContextClassLoader(JspDocumentParser.class.getClassLoader());
}
SAXParserFactory factory = SAXParserFactory.newInstance();
factory.setNamespaceAware(true);
// Preserve xmlns attributes
factory.setFeature("http://xml.org/sax/features/namespace-prefixes", true);
factory.setValidating(validating);
if (validating) {
// Enable DTD validation
factory.setFeature("http://xml.org/sax/features/validation", true);
// Enable schema validation
factory.setFeature("http://apache.org/xml/features/validation/schema", true);
}
// Configure the parser
SAXParser saxParser = factory.newSAXParser();
XMLReader xmlReader = saxParser.getXMLReader();
xmlReader.setProperty(LEXICAL_HANDLER_PROPERTY, jspDocParser);
xmlReader.setErrorHandler(jspDocParser);
return saxParser;
} finally {
if (Constants.IS_SECURITY_ENABLED) {
PrivilegedSetTccl pa = new PrivilegedSetTccl(original);
AccessController.doPrivileged(pa);
} else {
Thread.currentThread().setContextClassLoader(original);
}
}
}
Aggregations