TUSCANY-3925 - Apply Jennifer's Java security patch.

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@1162160 13f79535-47bb-0310-9956-ffa450edef68
author: slaws <slaws@13f79535-47bb-0310-9956-ffa450edef68> 2011-08-26 16:41:39 +0000
committer: slaws <slaws@13f79535-47bb-0310-9956-ffa450edef68> 2011-08-26 16:41:39 +0000
commit: d93ec216d63aed8ff2f08b4cba7de965dc14639c (patch)
tree: 6b5cbba37f626e16a644ef53caaa77aa4fccef14
parent: f7e97ac1e99cf7015316150cfcfdd978359b08da (diff)
3 files changed, 65 insertions, 11 deletions
diff --git a/sca-java-2.x/trunk/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/impl/WSDLHelper.java b/sca-java-2.x/trunk/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/impl/WSDLHelper.java
index 778f613db1..0dfaed6791 100644
--- a/sca-java-2.x/trunk/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/impl/WSDLHelper.java
+++ b/sca-java-2.x/trunk/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/impl/WSDLHelper.java
@@ -29,6 +29,9 @@ import java.io.OutputStreamWriter;
 import java.io.Writer;
 import java.net.URI;
 import java.net.URL;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -36,6 +39,7 @@ import java.util.Map;
 import javax.wsdl.Definition;
 import javax.wsdl.PortType;
 import javax.wsdl.Types;
+import javax.wsdl.WSDLException;
 import javax.wsdl.xml.WSDLLocator;
 import javax.wsdl.xml.WSDLReader;
 
@@ -227,11 +231,30 @@ public class WSDLHelper {
             // read
             for (XMLString xmlString : xmlMap.values()){
                 if (xmlString instanceof WSDLInfo){
-                    WSDLReader reader =  javax.wsdl.factory.WSDLFactory.newInstance().newWSDLReader();
+                    WSDLReader reader;
+                    try {
+                        reader =  AccessController.doPrivileged(new PrivilegedExceptionAction<WSDLReader>() {
+                            public WSDLReader run() throws WSDLException {
+                                return javax.wsdl.factory.WSDLFactory.newInstance().newWSDLReader();                         
+                            }
+                        });
+                    } catch (PrivilegedActionException e){
+                        throw (WSDLException)e.getException();
+                    }
                     reader.setFeature("javax.wsdl.verbose", false);
                     reader.setFeature("javax.wsdl.importDocuments", true);
-                    WSDLLocatorImpl locator = new WSDLLocatorImpl(xmlString.getBaseURI(), xmlMap);
-                    Definition readDefinition = reader.readWSDL(locator);
+                    final WSDLLocatorImpl locator = new WSDLLocatorImpl(xmlString.getBaseURI(), xmlMap);
+                    final WSDLReader freader = reader;
+                    Definition readDefinition;
+                    try {
+                        readDefinition = AccessController.doPrivileged(new PrivilegedExceptionAction<Definition>() {
+                            public Definition run() throws WSDLException {
+                                return freader.readWSDL(locator);                        
+                            }
+                        });
+                    } catch (PrivilegedActionException e){
+                        throw (WSDLException)e.getException();
+                    }
                     
                     WSDLDefinition wsdlDefinition = wsdlFactory.createWSDLDefinition();
                     wsdlDefinition.setDefinition(readDefinition);
diff --git a/sca-java-2.x/trunk/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/impl/JDKProxyFactory.java b/sca-java-2.x/trunk/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/impl/JDKProxyFactory.java
index 7109dad1fd..a9a28d434a 100644
--- a/sca-java-2.x/trunk/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/impl/JDKProxyFactory.java
+++ b/sca-java-2.x/trunk/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/impl/JDKProxyFactory.java
@@ -146,9 +146,13 @@ public class JDKProxyFactory implements ProxyFactory, LifeCycleListener {
 
     public <T> T createCallbackProxy(ServiceReference<T> callbackReference) throws ProxyCreationException {
         assert callbackReference != null;
-        Class<T> interfaze = callbackReference.getBusinessInterface();
+        final Class<T> interfaze = callbackReference.getBusinessInterface();
         InvocationHandler handler = new JDKCallbackInvocationHandler(messageFactory, callbackReference);
-        ClassLoader cl = interfaze.getClassLoader();
+        ClassLoader cl = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+            public ClassLoader run() {
+                return interfaze.getClassLoader();
+            }
+        });
         T proxy = interfaze.cast(newProxyInstance(cl, new Class[] {interfaze}, handler));
         ((ServiceReferenceExt<T>)callbackReference).setProxy(proxy);
         return proxy;
diff --git a/sca-java-2.x/trunk/modules/extensibility/src/main/java/org/apache/tuscany/sca/core/DefaultFactoryExtensionPoint.java b/sca-java-2.x/trunk/modules/extensibility/src/main/java/org/apache/tuscany/sca/core/DefaultFactoryExtensionPoint.java
index 1c49ea4ee4..ae7d83009e 100644
--- a/sca-java-2.x/trunk/modules/extensibility/src/main/java/org/apache/tuscany/sca/core/DefaultFactoryExtensionPoint.java
+++ b/sca-java-2.x/trunk/modules/extensibility/src/main/java/org/apache/tuscany/sca/core/DefaultFactoryExtensionPoint.java
@@ -25,6 +25,8 @@ import java.lang.reflect.Method;
 import java.lang.reflect.Modifier;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 
@@ -103,7 +105,7 @@ public class DefaultFactoryExtensionPoint implements FactoryExtensionPoint {
      * @param factoryInterface The lookup key (factory interface)
      * @return The factory
      */    
-    public <T> T getFactory(Class<T> factoryInterface) {
+    public <T> T getFactory(final Class<T> factoryInterface) {
         Object factory = factories.get(factoryInterface);
         if (factory == null) {
 
@@ -128,12 +130,37 @@ public class DefaultFactoryExtensionPoint implements FactoryExtensionPoint {
                     
                     // If the input interface is an abstract class
                     if (!factoryInterface.isInterface() && Modifier.isAbstract(factoryInterface.getModifiers())) {
-                        Method newInstanceMethod = factoryInterface.getDeclaredMethod("newInstance");
-                        ClassLoader tccl = setContextClassLoader(factoryInterface.getClassLoader());
+                    
+                        Method newInstanceMethod;
                         try {
-                            
-                            // Create a new instance
-                            factory = newInstanceMethod.invoke(null);
+                            newInstanceMethod = AccessController.doPrivileged(new PrivilegedExceptionAction<Method>() {
+                                public Method run() throws Exception {
+                                    return factoryInterface.getDeclaredMethod("newInstance");
+                                }
+                            });
+                        } catch (PrivilegedActionException e){
+                            throw (Exception)e.getException();
+                        }
+                        
+                        ClassLoader cl = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
+                            public ClassLoader run() {
+                                ClassLoader cl = factoryInterface.getClassLoader();
+                                return cl;
+                            }
+                        });
+                        ClassLoader tccl = setContextClassLoader(cl);
+                        try {
+                            try {
+                                final Method fnewInstanceMethod = newInstanceMethod;
+                                factory = AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
+                                public Object run() throws Exception {
+                                    Object factory = fnewInstanceMethod.invoke(null);
+                                    return factory;
+                                }
+                            });
+                            } catch (PrivilegedActionException e){
+                                throw (Exception)e.getException();
+                            }
                             
                             // Cache the factory
                             factories.put(factoryInterface, factory);
author	slaws <slaws@13f79535-47bb-0310-9956-ffa450edef68>	2011-08-26 16:41:39 +0000
committer	slaws <slaws@13f79535-47bb-0310-9956-ffa450edef68>	2011-08-26 16:41:39 +0000
commit	d93ec216d63aed8ff2f08b4cba7de965dc14639c (patch)
tree	6b5cbba37f626e16a644ef53caaa77aa4fccef14
parent	f7e97ac1e99cf7015316150cfcfdd978359b08da (diff)