axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From veit...@apache.org
Subject svn commit: r804411 - /webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java
Date Fri, 14 Aug 2009 23:57:24 GMT
Author: veithen
Date: Fri Aug 14 23:57:24 2009
New Revision: 804411

URL: http://svn.apache.org/viewvc?rev=804411&view=rev
Log:
Fixed in issue in loadClassPathModules when there is a security manager and read access to
some files in the classloader hierarchy is denied.

Modified:
    webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java

Modified: webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java
URL: http://svn.apache.org/viewvc/webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java?rev=804411&r1=804410&r2=804411&view=diff
==============================================================================
--- webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java
(original)
+++ webservices/axis2/trunk/java/modules/kernel/src/org/apache/axis2/deployment/RepositoryListener.java
Fri Aug 14 23:57:24 2009
@@ -195,8 +195,20 @@
                         // Log this?
                     }
                     File file = new File(path.replace('/', File.separatorChar).replace('|',
':'));
-                    if (file.isFile()) {
-                        if (DeploymentFileData.isModuleArchiveFile(file.getName())) {
+                    // If there is a security manager, then it is highly probable that it
will deny
+                    // read access to some files in the class loader hierarchy. Therefore
we first
+                    // check if the name matches that of a module archive and only then check
if we
+                    // can access it. If the security manager denies access, we log a warning.
+                    if (DeploymentFileData.isModuleArchiveFile(file.getName())) {
+                        boolean isFile;
+                        try {
+                            isFile = file.isFile();
+                        } catch (SecurityException ex) {
+                            log.warn("Not deploying " + file.getName() +
+                                    " because security manager denies access", ex);
+                            isFile = false;
+                        }
+                        if (isFile) {
                             //adding modules in the class path
                             addFileToDeploy(file, deployer, WSInfo.TYPE_MODULE);
                         }



Mime
View raw message