openjpa-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kwsut...@apache.org
Subject svn commit: r564408 - in /openjpa/trunk: ./ openjpa-all/ openjpa-examples/ openjpa-jdbc/src/main/java/org/apache/openjpa/jdbc/meta/ openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/ openjpa-kernel/src/main/java/org/apache/openjpa/enhance/ open...
Date Thu, 09 Aug 2007 22:27:21 GMT
Author: kwsutter
Date: Thu Aug  9 15:27:17 2007
New Revision: 564408

URL: http://svn.apache.org/viewvc?view=rev&rev=564408
Log:
OPENJPA-244.  Committing Albert's changes for Java 2 Security (minus the white space).

Added:
    openjpa/trunk/openjpa-persistence-jdbc/src/test/resources/j2.security.jse.policy
Modified:
    openjpa/trunk/   (props changed)
    openjpa/trunk/openjpa-all/   (props changed)
    openjpa/trunk/openjpa-examples/   (props changed)
    openjpa/trunk/openjpa-jdbc/src/main/java/org/apache/openjpa/jdbc/meta/ReverseMappingTool.java
    openjpa/trunk/openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/ManagedClassSubclasser.java
    openjpa/trunk/openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/PCEnhancerAgent.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/ApplicationIdTool.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/DynamicStorageGenerator.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/PCEnhancer.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/Reflection.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/BeanLifecycleCallbacks.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/MethodLifecycleCallbacks.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/TCPRemoteCommitProvider.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/meta/AbstractCFMetaDataFactory.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/meta/InterfaceImplGenerator.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ClassResolverImpl.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/GeneratedClasses.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/MultiLoaderClassResolver.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/Serialization.java
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/ant/AbstractTask.java
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/ConfigurationImpl.java
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/Configurations.java
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ClassMetaDataIterator.java
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ClasspathMetaDataIterator.java
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/FileMetaDataIterator.java
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ResourceMetaDataIterator.java
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/XMLMetaDataParser.java
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java
    openjpa/trunk/openjpa-persistence/   (props changed)
    openjpa/trunk/openjpa-persistence-jdbc/   (props changed)
    openjpa/trunk/openjpa-persistence-jdbc/src/test/resources/j2.security.test.policy
    openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/AnnotationPersistenceMetaDataSerializer.java
    openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/PersistenceProductDerivation.java
    openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/PersistenceUnitInfoImpl.java

Propchange: openjpa/trunk/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Thu Aug  9 15:27:17 2007
@@ -1 +1,7 @@
 .*
+
+openjpa-database
+
+target
+
+subs

Propchange: openjpa/trunk/openjpa-all/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Thu Aug  9 15:27:17 2007
@@ -0,0 +1 @@
+target

Propchange: openjpa/trunk/openjpa-examples/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Thu Aug  9 15:27:17 2007
@@ -0,0 +1 @@
+target

Modified: openjpa/trunk/openjpa-jdbc/src/main/java/org/apache/openjpa/jdbc/meta/ReverseMappingTool.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-jdbc/src/main/java/org/apache/openjpa/jdbc/meta/ReverseMappingTool.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-jdbc/src/main/java/org/apache/openjpa/jdbc/meta/ReverseMappingTool.java (original)
+++ openjpa/trunk/openjpa-jdbc/src/main/java/org/apache/openjpa/jdbc/meta/ReverseMappingTool.java Thu Aug  9 15:27:17 2007
@@ -179,7 +179,8 @@
     private final Log _log;
     private final Map _tables = new HashMap();
     private final Project _project = new Project();
-    private final BCClassLoader _loader = new BCClassLoader(_project);
+    private final BCClassLoader _loader = (BCClassLoader) AccessController
+        .doPrivileged(J2DoPrivHelper.newBCClassLoaderAction(_project));
     private StrategyInstaller _strat = null;
     private String _package = null;
     private File _dir = null;

Modified: openjpa/trunk/openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/ManagedClassSubclasser.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/ManagedClassSubclasser.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/ManagedClassSubclasser.java (original)
+++ openjpa/trunk/openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/ManagedClassSubclasser.java Thu Aug  9 15:27:17 2007
@@ -19,6 +19,8 @@
 package org.apache.openjpa.enhance;
 
 import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
 import java.util.Map;
 import java.util.HashMap;
 import java.util.Collection;
@@ -28,6 +30,7 @@
 import java.util.Iterator;
 
 import org.apache.openjpa.conf.OpenJPAConfiguration;
+import org.apache.openjpa.lib.util.J2DoPrivHelper;
 import org.apache.openjpa.lib.util.JavaVersions;
 import org.apache.openjpa.lib.util.BytecodeWriter;
 import org.apache.openjpa.lib.util.Localizer;
@@ -169,14 +172,19 @@
         }
     }
 
-    private static void write(BCClass bc, PCEnhancer enhancer,
+    private static void write(final BCClass bc, PCEnhancer enhancer,
         Map<Class, byte[]> map, Class cls, List subs, List ints)
         throws IOException {
 
         // #####
         java.io.File dir = org.apache.openjpa.lib.util.Files.getPackageFile(
             new java.io.File("subs"), bc.getPackageName(), true);
-        bc.write(new java.io.File(dir, bc.getClassName() + ".class"));
+        try {
+            AccessController.doPrivileged(J2DoPrivHelper.bCClassWrite(bc,
+                    new java.io.File(dir, bc.getClassName() + ".class")));
+        } catch (PrivilegedActionException pae) {
+            throw (IOException) pae.getException();
+        }
 
         if (bc == enhancer.getManagedTypeBytecode()) {
             // if it was already defined, don't put it in the map,

Modified: openjpa/trunk/openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/PCEnhancerAgent.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/PCEnhancerAgent.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/PCEnhancerAgent.java (original)
+++ openjpa/trunk/openjpa-kernel-5/src/main/java/org/apache/openjpa/enhance/PCEnhancerAgent.java Thu Aug  9 15:27:17 2007
@@ -84,9 +84,11 @@
         conf.setConnectionDriverName(null);
         conf.setConnectionFactoryName(null);
         // set single class resolver
-        final ClassLoader tmpLoader = new TemporaryClassLoader(
-            (ClassLoader) AccessController.doPrivileged(
-                J2DoPrivHelper.getContextClassLoaderAction()));
+        final ClassLoader tmpLoader = (ClassLoader) AccessController
+            .doPrivileged(J2DoPrivHelper
+                .newTemporaryClassLoaderAction((ClassLoader) AccessController
+                    .doPrivileged(J2DoPrivHelper.getContextClassLoaderAction())
+                    ));
         conf.setClassResolver(new ClassResolver() {
             public ClassLoader getClassLoader(Class context, ClassLoader env) {
                 return tmpLoader;

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/ApplicationIdTool.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/ApplicationIdTool.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/ApplicationIdTool.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/ApplicationIdTool.java Thu Aug  9 15:27:17 2007
@@ -1366,7 +1366,8 @@
         ApplicationIdTool tool;
         Class cls;
         ClassMetaData meta;
-        BCClassLoader bc = new BCClassLoader(new Project());
+        BCClassLoader bc = (BCClassLoader) AccessController
+            .doPrivileged(J2DoPrivHelper.newBCClassLoaderAction(new Project()));
         for (Iterator itr = classes.iterator(); itr.hasNext();) {
             cls = (Class) itr.next();
             log.info(_loc.get("appid-running", cls));

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/DynamicStorageGenerator.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/DynamicStorageGenerator.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/DynamicStorageGenerator.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/DynamicStorageGenerator.java Thu Aug  9 15:27:17 2007
@@ -96,9 +96,10 @@
 
     // the project/classloader for the classes.
     private final Project _project = new Project();
-    private final BCClassLoader _loader = new BCClassLoader(_project,
-        (ClassLoader) AccessController.doPrivileged(
-            J2DoPrivHelper.getClassLoaderAction(DynamicStorage.class)));
+    private final BCClassLoader _loader = (BCClassLoader) AccessController
+        .doPrivileged(J2DoPrivHelper.newBCClassLoaderAction(_project,
+            (ClassLoader) AccessController.doPrivileged(J2DoPrivHelper
+                .getClassLoaderAction(DynamicStorage.class))));
 
     /**
      * Generate a generic {@link DynamicStorage} instance with the given

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/PCEnhancer.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/PCEnhancer.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/PCEnhancer.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/PCEnhancer.java Thu Aug  9 15:27:17 2007
@@ -57,7 +57,6 @@
 import org.apache.openjpa.lib.util.Localizer;
 import org.apache.openjpa.lib.util.Options;
 import org.apache.openjpa.lib.util.Services;
-import org.apache.openjpa.lib.util.TemporaryClassLoader;
 import org.apache.openjpa.lib.util.Localizer.Message;
 import org.apache.openjpa.meta.ClassMetaData;
 import org.apache.openjpa.meta.FieldMetaData;
@@ -179,14 +178,17 @@
      * Constructor. Supply configuration and type to enhance.
      */
     public PCEnhancer(OpenJPAConfiguration conf, Class type) {
-        this(conf, new Project().loadClass(type), (MetaDataRepository) null);
+        this(conf, (BCClass) AccessController.doPrivileged(J2DoPrivHelper
+            .loadProjectClassAction(new Project(), type)),
+            (MetaDataRepository) null);
     }
 
     /**
      * Constructor. Supply configuration and type to enhance.
      */
     public PCEnhancer(OpenJPAConfiguration conf, ClassMetaData type) {
-        this(conf, new Project().loadClass(type.getDescribedType()),
+        this(conf, (BCClass) AccessController.doPrivileged(J2DoPrivHelper
+            .loadProjectClassAction(new Project(), type.getDescribedType())),
             type.getRepository());
     }
 
@@ -726,14 +728,19 @@
 
             // if the middle instruction was a getfield, then it's the
             // field that's being accessed
-            if (!findAccessed && prevIns instanceof GetFieldInstruction)
-                cur = ((FieldInstruction) prevIns).getField();
+            if (!findAccessed && prevIns instanceof GetFieldInstruction) {
+                final FieldInstruction fPrevIns = (FieldInstruction) prevIns;
+                cur = (BCField) AccessController.doPrivileged(
+                    J2DoPrivHelper.getFieldInstructionFieldAction(fPrevIns));
                 // if the middle instruction was an xload_1, then the
                 // matched instruction is the field that's being set.
-            else if (findAccessed && prevIns instanceof LoadInstruction
-                && ((LoadInstruction) prevIns).getParam() == 0)
-                cur = ((FieldInstruction) templateIns).getField();
-            else
+            } else if (findAccessed && prevIns instanceof LoadInstruction
+                && ((LoadInstruction) prevIns).getParam() == 0) {
+                final FieldInstruction fTemplateIns =
+                    (FieldInstruction) templateIns;
+                cur = (BCField) AccessController.doPrivileged(J2DoPrivHelper
+                    .getFieldInstructionFieldAction(fTemplateIns));
+            } else
                 return null;
 
             if (field != null && cur != field)
@@ -888,7 +895,10 @@
                     // first load the old value for use in the
                     // StateManager.settingXXX method.
                     loadManagedInstance(code, false);
-                    code.getfield().setField(fi.getField());
+                    final FieldInstruction fFi = fi;
+                    code.getfield().setField(
+                        (BCField) AccessController.doPrivileged(J2DoPrivHelper
+                            .getFieldInstructionFieldAction(fFi)));
                     int val = code.getNextLocalsIndex();
                     code.xstore().setLocal(val).setType(fi.getFieldType());
 
@@ -3441,7 +3451,7 @@
         code.vreturn();
 
         // inst.pcStateManager.setting<fieldType>Field (inst,
-        //	pcInheritedFieldCount + <index>, inst.<field>, value, 0);
+        //     pcInheritedFieldCount + <index>, inst.<field>, value, 0);
         ifins.setTarget(loadManagedInstance(code, true));
         code.getfield().setField(SM, SMTYPE);
         loadManagedInstance(code, true);
@@ -3569,7 +3579,9 @@
         String fieldName = toBackingFieldName(attrName);
 
         // next, find the field in the managed type.
-        BCField[] fields = _managedType.getFields(fieldName);
+        BCField[] fields = (BCField[]) AccessController
+            .doPrivileged(J2DoPrivHelper.getBCClassFieldsAction(_managedType,
+                fieldName)); 
         BCField field = null;
         for (int i = 0; i < fields.length; i++) {
             field = fields[i];
@@ -4284,7 +4296,8 @@
             loader = conf.getClassResolverInstance().
                 getClassLoader(PCEnhancer.class, null);
         if (flags.tmpClassLoader)
-            loader = new TemporaryClassLoader(loader);
+            loader = (ClassLoader) AccessController.doPrivileged(J2DoPrivHelper
+                .newTemporaryClassLoaderAction(loader));
 
         if (repos == null) {
             repos = conf.newMetaDataRepositoryInstance();

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/Reflection.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/Reflection.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/Reflection.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/enhance/Reflection.java Thu Aug  9 15:27:17 2007
@@ -192,7 +192,8 @@
     private static void makeAccessible(AccessibleObject ao, int mods) {
         try {
             if (!Modifier.isPublic(mods) && !ao.isAccessible())
-                ao.setAccessible(true);
+                AccessController.doPrivileged(J2DoPrivHelper
+                    .setAccessibleAction(ao, true));
         } catch (SecurityException se) {
             throw new UserException(_loc.get("reflect-security", ao)).
                 setFatal(true);

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/BeanLifecycleCallbacks.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/BeanLifecycleCallbacks.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/BeanLifecycleCallbacks.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/BeanLifecycleCallbacks.java Thu Aug  9 15:27:17 2007
@@ -77,7 +77,8 @@
         throws Exception {
         Method callback = getCallbackMethod();
         if (!callback.isAccessible())
-            callback.setAccessible(true);
+            AccessController.doPrivileged(J2DoPrivHelper.setAccessibleAction(
+                callback, true));
         if (requiresArgument())
             callback.invoke(_listener, new Object[]{ obj, rel });
         else

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/MethodLifecycleCallbacks.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/MethodLifecycleCallbacks.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/MethodLifecycleCallbacks.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/MethodLifecycleCallbacks.java Thu Aug  9 15:27:17 2007
@@ -84,7 +84,8 @@
     public void makeCallback(Object obj, Object arg, int eventType)
         throws Exception {
         if (!_callback.isAccessible())
-            _callback.setAccessible(true);
+            AccessController.doPrivileged(J2DoPrivHelper.setAccessibleAction(
+                _callback, true));
 
         if (_arg)
             _callback.invoke(obj, new Object[]{ arg });

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/TCPRemoteCommitProvider.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/TCPRemoteCommitProvider.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/TCPRemoteCommitProvider.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/event/TCPRemoteCommitProvider.java Thu Aug  9 15:27:17 2007
@@ -31,6 +31,8 @@
 import java.net.Socket;
 import java.net.SocketException;
 import java.net.UnknownHostException;
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashMap;
@@ -46,6 +48,7 @@
 import org.apache.commons.pool.impl.GenericObjectPool;
 import org.apache.openjpa.lib.conf.Configurable;
 import org.apache.openjpa.lib.log.Log;
+import org.apache.openjpa.lib.util.J2DoPrivHelper;
 import org.apache.openjpa.lib.util.Localizer;
 import org.apache.openjpa.util.GeneralException;
 import org.apache.openjpa.util.InternalException;
@@ -235,7 +238,8 @@
                     hostname = host;
                     tmpPort = DEFAULT_PORT;
                 }
-                InetAddress tmpAddress = InetAddress.getByName(hostname);
+                InetAddress tmpAddress = (InetAddress) AccessController
+                    .doPrivileged(J2DoPrivHelper.getByNameAction(hostname)); 
 
                 // bleair: For each address we would rather make use of
                 // the jdk1.4 isLinkLocalAddress () || isLoopbackAddress ().
@@ -260,8 +264,9 @@
                     }
                 }
             }
-        }
-        finally {
+        } catch (PrivilegedActionException pae) {
+            throw (UnknownHostException) pae.getException();
+        } finally {
             _addressesLock.unlock();
         }
     }
@@ -499,7 +504,12 @@
             throws IOException {
             _port = port;
             _log = log;
-            _receiveSocket = new ServerSocket(_port);
+            try {
+                _receiveSocket = (ServerSocket) AccessController
+                    .doPrivileged(J2DoPrivHelper.newServerSocketAction(_port));
+            } catch (PrivilegedActionException pae) {
+                throw (IOException) pae.getException();
+            }
             _localhost = InetAddress.getLocalHost().getAddress();
 
             if (_log.isTraceEnabled())
@@ -566,7 +576,8 @@
                 try {
                     s = null;
                     // Block, waiting to accept new connection from a peer
-                    s = _receiveSocket.accept();
+                    s = (Socket) AccessController.doPrivileged(J2DoPrivHelper
+                        .acceptAction(_receiveSocket));
                     if (_log.isTraceEnabled()) {
                         _log.trace(s_loc.get("tcp-received-connection",
                             s.getInetAddress().getHostAddress()
@@ -578,6 +589,8 @@
                     receiverThread.start();
                     _receiverThreads.add(receiverThread);
                 } catch (Exception e) {
+                    if (e instanceof PrivilegedActionException)
+                        e = ((PrivilegedActionException) e).getException();
                     if (!(e instanceof SocketException) || _isRunning)
                         if (_log.isWarnEnabled())
                             _log.warn(s_loc.get("tcp-accept-error"), e);
@@ -755,12 +768,19 @@
         private HostAddress(String host)
             throws UnknownHostException {
             int colon = host.indexOf(':');
-            if (colon != -1) {
-                _address = InetAddress.getByName(host.substring(0, colon));
-                _port = Integer.parseInt(host.substring(colon + 1));
-            } else {
-                _address = InetAddress.getByName(host);
-                _port = DEFAULT_PORT;
+            try {
+                if (colon != -1) {
+                    _address = (InetAddress) AccessController
+                        .doPrivileged(J2DoPrivHelper.getByNameAction(host
+                            .substring(0, colon)));
+                    _port = Integer.parseInt(host.substring(colon + 1));
+                } else {
+                    _address = (InetAddress) AccessController
+                        .doPrivileged(J2DoPrivHelper.getByNameAction(host));
+                    _port = DEFAULT_PORT;
+                }
+            } catch (PrivilegedActionException pae) {
+                throw (UnknownHostException) pae.getException();
             }
             // -1 max wait == as long as it takes
             _socketPool = new GenericObjectPool
@@ -884,12 +904,18 @@
 
             public Object makeObject()
                 throws IOException {
-                Socket s = new Socket(_address, _port);
-                if (log.isTraceEnabled()) {
-                    log.trace(s_loc.get("tcp-open-connection",
-                        _address + ":" + _port, "" + s.getLocalPort()));
+                try {
+                    Socket s = (Socket) AccessController
+                        .doPrivileged(J2DoPrivHelper.newSocketAction(_address,
+                            _port));
+                    if (log.isTraceEnabled()) {
+                        log.trace(s_loc.get("tcp-open-connection", _address
+                            + ":" + _port, "" + s.getLocalPort()));
+                    }
+                    return s;
+                } catch (PrivilegedActionException pae) {
+                    throw (IOException) pae.getException();
                 }
-                return s;
             }
 
             public void destroyObject(Object obj) {

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/meta/AbstractCFMetaDataFactory.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/meta/AbstractCFMetaDataFactory.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/meta/AbstractCFMetaDataFactory.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/meta/AbstractCFMetaDataFactory.java Thu Aug  9 15:27:17 2007
@@ -363,7 +363,8 @@
         for (int i = 0; i < metas.length; i++) {
             if (getSourceFile(metas[i]) == null)
                 setSourceFile(metas[i], defaultSourceFile(metas[i]));
-            if (getSourceFile(metas[i]).exists()) {
+            if (((Boolean) AccessController.doPrivileged(J2DoPrivHelper
+                .existsAction(getSourceFile(metas[i])))).booleanValue()) {
                 if (files == null)
                     files = new HashSet();
                 files.add(getSourceFile(metas[i]));
@@ -490,7 +491,8 @@
         for (Iterator itr = files.iterator(); itr.hasNext();) {
             file = (File) itr.next();
             if (Files.backup(file, false) != null)
-                file.delete();
+                AccessController
+                    .doPrivileged(J2DoPrivHelper.deleteAction(file));
         }
     }
 
@@ -628,7 +630,8 @@
             File file;
             for (Iterator itr = files.iterator(); itr.hasNext();) {
                 file = (File) itr.next();
-                if (file.isDirectory()) {
+                if (((Boolean) AccessController.doPrivileged(J2DoPrivHelper
+                    .isDirectoryAction(file))).booleanValue()) {
                     if (log.isTraceEnabled())
                         log.trace(_loc.get("scanning-directory", file));
                     scan(new FileMetaDataIterator(file, newMetaDataFilter()),
@@ -636,8 +639,15 @@
                 } else if (file.getName().endsWith(".jar")) {
                     if (log.isTraceEnabled())
                         log.trace(_loc.get("scanning-jar", file));
-                    scan(new ZipFileMetaDataIterator(new ZipFile(file),
-                        newMetaDataFilter()), cparser, names, true, file);
+                    try {
+                        ZipFile zFile = (ZipFile) AccessController
+                            .doPrivileged(J2DoPrivHelper
+                                .newZipFileAction(file));
+                        scan(new ZipFileMetaDataIterator(zFile,
+                            newMetaDataFilter()), cparser, names, true, file);
+                    } catch (PrivilegedActionException pae) {
+                        throw (IOException) pae.getException();
+                    }
                 } else {
                     if (log.isTraceEnabled())
                         log.trace(_loc.get("scanning-file", file));
@@ -646,8 +656,9 @@
                     if (log.isTraceEnabled())
                         log.trace(_loc.get("scan-found-names", clss, file));
                     names.addAll(Arrays.asList(clss));
-                    mapPersistentTypeNames(file.getAbsoluteFile().toURL(),
-                        clss);
+                    mapPersistentTypeNames(((File) AccessController
+                        .doPrivileged(J2DoPrivHelper
+                            .getAbsoluteFileAction(file))).toURL(), clss);
                 }
             }
         }
@@ -656,14 +667,19 @@
             for (Iterator itr = urls.iterator(); itr.hasNext();) {
                 url = (URL) itr.next();
                 if ("file".equals(url.getProtocol())) {
-                    File file = new File(url.getFile()).getAbsoluteFile();
+                    File file = (File) AccessController
+                        .doPrivileged(J2DoPrivHelper
+                            .getAbsoluteFileAction(new File(url.getFile()))); 
                     if (files != null && files.contains(file)) {
                         continue;
-                    } else if (file.isDirectory()) {
+                    } else if (((Boolean) AccessController
+                        .doPrivileged(J2DoPrivHelper.isDirectoryAction(file)))
+                        .booleanValue()) {
                         if (log.isTraceEnabled())
                             log.trace(_loc.get("scanning-directory", file));
-                        scan(new FileMetaDataIterator(file, newMetaDataFilter()),
-                                cparser, names, true, file);
+                        scan(
+                            new FileMetaDataIterator(file, newMetaDataFilter()),
+                            cparser, names, true, file);
                         continue;
                     }
                 }

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/meta/InterfaceImplGenerator.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/meta/InterfaceImplGenerator.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/meta/InterfaceImplGenerator.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/meta/InterfaceImplGenerator.java Thu Aug  9 15:27:17 2007
@@ -79,17 +79,22 @@
 
         ClassLoader parentLoader = (ClassLoader) AccessController.doPrivileged(
             J2DoPrivHelper.getClassLoaderAction(iface)); 
-        BCClassLoader loader = new BCClassLoader(_project, parentLoader);
-        BCClassLoader enhLoader = new BCClassLoader(_enhProject, parentLoader);
+        BCClassLoader loader = (BCClassLoader) AccessController
+            .doPrivileged(J2DoPrivHelper.newBCClassLoaderAction(_project,
+                parentLoader));
+        BCClassLoader enhLoader = (BCClassLoader) AccessController
+            .doPrivileged(J2DoPrivHelper.newBCClassLoaderAction(_enhProject,
+                parentLoader));
         BCClass bc = _project.loadClass(getClassName(meta));
         bc.declareInterface(iface);
         ClassMetaData sup = meta.getPCSuperclassMetaData();
         if (sup != null) {
             bc.setSuperclass(sup.getInterfaceImpl());
-            enhLoader = new BCClassLoader(_enhProject,
-                (ClassLoader) AccessController.doPrivileged(
-                    J2DoPrivHelper.getClassLoaderAction(
-                        sup.getInterfaceImpl())));
+            enhLoader = (BCClassLoader) AccessController
+                .doPrivileged(J2DoPrivHelper.newBCClassLoaderAction(
+                    _enhProject, (ClassLoader) AccessController
+                        .doPrivileged(J2DoPrivHelper.getClassLoaderAction(sup
+                            .getInterfaceImpl()))));
         }
 
         FieldMetaData[] fields = meta.getDeclaredFields();

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ClassResolverImpl.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ClassResolverImpl.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ClassResolverImpl.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ClassResolverImpl.java Thu Aug  9 15:27:17 2007
@@ -56,7 +56,8 @@
 
         // construct a multi class loader that will delegate in the order
         // described in section 12.5 of the spec
-        MultiClassLoader loader = new MultiClassLoader();
+        MultiClassLoader loader = (MultiClassLoader) AccessController
+            .doPrivileged(J2DoPrivHelper.newMultiClassLoaderAction());
         if (contextLoader != null)
             loader.addClassLoader(contextLoader);
         loader.addClassLoader(threadLoader);

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/GeneratedClasses.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/GeneratedClasses.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/GeneratedClasses.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/GeneratedClasses.java Thu Aug  9 15:27:17 2007
@@ -63,7 +63,9 @@
      * Load the class represented by the given bytecode.
      */
     public static Class loadBCClass(BCClass bc, ClassLoader loader) {
-        BCClassLoader bcloader = new BCClassLoader(bc.getProject(), loader);
+        BCClassLoader bcloader = (BCClassLoader) AccessController
+                .doPrivileged(J2DoPrivHelper.newBCClassLoaderAction(bc
+                        .getProject(), loader));
         try {
             Class c = Class.forName(bc.getName(), true, bcloader);
             bc.getProject().clear();

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/MultiLoaderClassResolver.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/MultiLoaderClassResolver.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/MultiLoaderClassResolver.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/MultiLoaderClassResolver.java Thu Aug  9 15:27:17 2007
@@ -18,6 +18,9 @@
  */
 package org.apache.openjpa.util;
 
+import java.security.AccessController;
+
+import org.apache.openjpa.lib.util.J2DoPrivHelper;
 import org.apache.openjpa.lib.util.MultiClassLoader;
 
 /**
@@ -28,7 +31,8 @@
  */
 public class MultiLoaderClassResolver implements ClassResolver {
 
-    final private MultiClassLoader _loader = new MultiClassLoader();
+    final private MultiClassLoader _loader = (MultiClassLoader) AccessController
+        .doPrivileged(J2DoPrivHelper.newMultiClassLoaderAction());
 
     public MultiLoaderClassResolver() {
     }

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java Thu Aug  9 15:27:17 2007
@@ -61,7 +61,6 @@
 import serp.bytecode.Code;
 import serp.bytecode.JumpInstruction;
 import serp.bytecode.Project;
-import serp.bytecode.BCClassLoader;
 import serp.util.Strings;
 
 /**
@@ -87,10 +86,12 @@
         _stdCollections.put(List.class, ArrayList.class);
         if (JavaVersions.VERSION >= 5) {
             try {
-                Class queue = Class.forName("java.util.Queue", false,
-                    (ClassLoader) AccessController.doPrivileged(
-                        J2DoPrivHelper.getClassLoaderAction(
-                            Collection.class)));
+                Class queue = (Class) AccessController
+                    .doPrivileged(J2DoPrivHelper.getForNameAction(
+                        "java.util.Queue", false,
+                        (ClassLoader) AccessController
+                            .doPrivileged(J2DoPrivHelper
+                                .getClassLoaderAction(Collection.class))));
                 _stdCollections.put(queue, LinkedList.class);
             } catch (Throwable t) {
                 // not really java 5 after all?

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/Serialization.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/Serialization.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/Serialization.java (original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/Serialization.java Thu Aug  9 15:27:17 2007
@@ -28,6 +28,7 @@
 import java.io.OutputStream;
 import java.io.Serializable;
 import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import org.apache.openjpa.conf.OpenJPAConfiguration;
 import org.apache.openjpa.kernel.StoreContext;
@@ -104,7 +105,12 @@
             throws IOException {
             super(delegate);
             _ctx = ctx;
-            enableReplaceObject(true);
+            AccessController.doPrivileged(new PrivilegedAction() {
+                public Object run() {
+                    enableReplaceObject(true);
+                    return null;
+                }
+            });
         }
 
         protected Object replaceObject(Object obj) {
@@ -123,7 +129,8 @@
 
         protected Class resolveClass(ObjectStreamClass desc) 
             throws IOException, ClassNotFoundException {
-            MultiClassLoader loader = new MultiClassLoader();
+            MultiClassLoader loader = (MultiClassLoader) AccessController
+                .doPrivileged(J2DoPrivHelper.newMultiClassLoaderAction());
             addContextClassLoaders(loader);
             loader.addClassLoader(getClass().getClassLoader());
             loader.addClassLoader(MultiClassLoader.SYSTEM_LOADER);
@@ -153,7 +160,12 @@
             throws IOException {
             super(delegate);
             _ctx = ctx;
-            enableResolveObject(true);
+            AccessController.doPrivileged(new PrivilegedAction() {
+                public Object run() {
+                    enableResolveObject(true);
+                    return null;
+                }
+            });
         }
 
         protected void addContextClassLoaders(MultiClassLoader loader) {

Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/ant/AbstractTask.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/ant/AbstractTask.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/ant/AbstractTask.java (original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/ant/AbstractTask.java Thu Aug  9 15:27:17 2007
@@ -189,7 +189,8 @@
             String[] dsFiles = ds.getIncludedFiles();
             for (int j = 0; j < dsFiles.length; j++) {
                 File f = new File(dsFiles[j]);
-                if (!f.isFile())
+                if (!((Boolean) AccessController.doPrivileged(J2DoPrivHelper
+                    .isFileAction(f))).booleanValue())
                     f = new File(ds.getBasedir(), dsFiles[j]);
                 files.add((String) AccessController.doPrivileged(
                     J2DoPrivHelper.getAbsolutePathAction(f)));

Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/ConfigurationImpl.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/ConfigurationImpl.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/ConfigurationImpl.java (original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/ConfigurationImpl.java Thu Aug  9 15:27:17 2007
@@ -40,6 +40,7 @@
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
@@ -164,7 +165,8 @@
      * {@link ProductDerivation}s, and from System properties.
      */
     public boolean loadGlobals() {
-        MultiClassLoader loader = new MultiClassLoader();
+        MultiClassLoader loader = (MultiClassLoader) AccessController
+            .doPrivileged(J2DoPrivHelper.newMultiClassLoaderAction()); 
         loader.addClassLoader((ClassLoader) AccessController.doPrivileged(
             J2DoPrivHelper.getContextClassLoaderAction()));
         loader.addClassLoader(getClass().getClassLoader());

Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/Configurations.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/Configurations.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/Configurations.java (original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/conf/Configurations.java Thu Aug  9 15:27:17 2007
@@ -294,11 +294,13 @@
             }
 
             File file = new File(path);
-            if (file.isFile())
+            if (((Boolean) AccessController.doPrivileged(J2DoPrivHelper
+                .isFileAction(file))).booleanValue())
                 provider = ProductDerivations.load(file, anchor, null);
             else {
                 file = new File("META-INF" + File.separatorChar + path);
-                if (file.isFile())
+                if (((Boolean) AccessController.doPrivileged(J2DoPrivHelper
+                    .isFileAction(file))).booleanValue())
                     provider = ProductDerivations.load(file, anchor, null);
                 else
                     provider = ProductDerivations.load(path, anchor, null);

Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ClassMetaDataIterator.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ClassMetaDataIterator.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ClassMetaDataIterator.java (original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ClassMetaDataIterator.java Thu Aug  9 15:27:17 2007
@@ -75,7 +75,8 @@
         }
 
         if (loader == null) {
-            MultiClassLoader multi = new MultiClassLoader();
+            MultiClassLoader multi = (MultiClassLoader) AccessController
+                .doPrivileged(J2DoPrivHelper.newMultiClassLoaderAction());
             multi.addClassLoader(multi.SYSTEM_LOADER);
             multi.addClassLoader(multi.THREAD_LOADER);
             multi.addClassLoader(getClass().getClassLoader());

Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ClasspathMetaDataIterator.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ClasspathMetaDataIterator.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ClasspathMetaDataIterator.java (original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ClasspathMetaDataIterator.java Thu Aug  9 15:27:17 2007
@@ -21,6 +21,7 @@
 import java.io.File;
 import java.io.IOException;
 import java.security.AccessController;
+import java.security.PrivilegedActionException;
 import java.util.Properties;
 import java.util.zip.ZipFile;
 
@@ -64,11 +65,18 @@
             if (!((Boolean) AccessController.doPrivileged(
                 J2DoPrivHelper.existsAction(file))).booleanValue())
                 continue;
-            if (file.isDirectory())
+            if (((Boolean) AccessController.doPrivileged(J2DoPrivHelper
+                .isDirectoryAction(file))).booleanValue())
                 addIterator(new FileMetaDataIterator(file, filter));
-            else if (tokens[i].endsWith(".jar"))
-                addIterator(new ZipFileMetaDataIterator(new ZipFile(file),
-                    filter));
+            else if (tokens[i].endsWith(".jar")) {
+                try {
+                    ZipFile zFile = (ZipFile) AccessController
+                        .doPrivileged(J2DoPrivHelper.newZipFileAction(file));
+                    addIterator(new ZipFileMetaDataIterator(zFile, filter));
+                } catch (PrivilegedActionException pae) {
+                    throw (IOException) pae.getException();
+                }
+            }
         }
     }
 

Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/FileMetaDataIterator.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/FileMetaDataIterator.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/FileMetaDataIterator.java (original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/FileMetaDataIterator.java Thu Aug  9 15:27:17 2007
@@ -92,7 +92,8 @@
             if (filter.matches(rsrc))
                 metas.add(file);
             else {
-                File[] files = file.listFiles();
+                File[] files = (File[]) AccessController
+                    .doPrivileged(J2DoPrivHelper.listFilesAction(file)); 
                 if (files != null)
                     for (int i = 0; i < files.length; i++)
                         scanned = scan(files[i], filter, rsrc, metas, scanned);
@@ -110,7 +111,8 @@
             throw new NoSuchElementException();
 
         _file = (File) _itr.next();
-        return _file.getAbsoluteFile().toURL();
+        return ((File) AccessController.doPrivileged(J2DoPrivHelper
+            .getAbsoluteFileAction(_file))).toURL();
     }
 
     public InputStream getInputStream() throws IOException {

Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ResourceMetaDataIterator.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ResourceMetaDataIterator.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ResourceMetaDataIterator.java (original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/ResourceMetaDataIterator.java Thu Aug  9 15:27:17 2007
@@ -57,7 +57,8 @@
     public ResourceMetaDataIterator(String rsrc, ClassLoader loader)
         throws IOException {
         if (loader == null) {
-            MultiClassLoader multi = new MultiClassLoader();
+            MultiClassLoader multi = (MultiClassLoader) AccessController
+                .doPrivileged(J2DoPrivHelper.newMultiClassLoaderAction());
             multi.addClassLoader(multi.SYSTEM_LOADER);
             multi.addClassLoader(multi.THREAD_LOADER);
             multi.addClassLoader(getClass().getClassLoader());

Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/XMLMetaDataParser.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/XMLMetaDataParser.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/XMLMetaDataParser.java (original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/meta/XMLMetaDataParser.java Thu Aug  9 15:27:17 2007
@@ -271,7 +271,8 @@
     public void parse(File file) throws IOException {
         if (file == null)
             return;
-        if (!file.isDirectory())
+        if (!((Boolean) AccessController.doPrivileged(J2DoPrivHelper
+            .isDirectoryAction(file))).booleanValue())
             parse(new FileMetaDataIterator(file));
         else {
             String suff = (_suffix == null) ? "" : _suffix;

Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java (original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java Thu Aug  9 15:27:17 2007
@@ -23,19 +23,31 @@
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
 import java.io.IOException;
+import java.lang.reflect.AccessibleObject;
+import java.net.InetAddress;
+import java.net.ServerSocket;
+import java.net.Socket;
 import java.net.URL;
 import java.net.URLConnection;
+import java.net.UnknownHostException;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.security.PrivilegedExceptionAction;
+import java.util.zip.ZipFile;
+
 import serp.bytecode.BCClass;
+import serp.bytecode.BCClassLoader;
 import serp.bytecode.Code;
+import serp.bytecode.FieldInstruction;
+import serp.bytecode.Project;
 
 /**
  * Helper class to obtain the Privilege(Exception)Action object to perform
  * Java 2 doPrivilege security sensitive function call in the following
  * methods:
  * <ul>
+ * <li>AccessibleObject.setAccessible
+ * <li>Class.forName
  * <li>Class.getClassLoader
  * <li>Class.getDeclaredField
  * <li>Class.getDeclaredFields
@@ -47,21 +59,36 @@
  * <li>ClassLoader.getResource
  * <li>ClassLoader.getResources
  * <li>ClassLoader.getSystemClassLoader
+ * <li>File.delete
  * <li>File.exists
+ * <li>File.getAbsoluteFile
  * <li>File.getAbsolutePath
  * <li>File.getCanonicalPath
+ * <li>File.listFiles
  * <li>File.length
+ * <li>File.isDirectory
  * <li>File.mkdirs
  * <li>File.renameTo
  * <li>FileInputStream new
  * <li>FileOutputStream new
  * <li>System.getProperties
+ * <li>InetAddress.getByName
+ * <li>MultiClassLoader new
+ * <li>ServerSocket new
+ * <li>Socket new
+ * <li>Socket.accept
  * <li>System.getProperty
  * <li>Thread.getContextClassLoader
+ * <li>TemporaryClassLoader new
  * <li>URL.openStream
  * <li>URLConnection.getContent
+ * <li>ZipFile new
  * <li>serp.bytecode.Code new
- * <li>serp.bytecode.BCClass.isInstanceOf
+ * <li>serp.bytecode.BCClassLoader new
+ * <li>serp.bytecode.BCClass.write
+ * <li>serp.bytecode.BCClass.getFields
+ * <li>serp.bytecode.FieldInstruction.getField
+ * <li>serp.bytecode.Project.loadClass
  * </ul>
  * 
  * If these methods are used, the following sample usage patterns should be
@@ -145,6 +172,45 @@
     }
 
     /**
+     * Return a PrivilegeAction object for aObj.setAccessible().
+     * 
+     * Requires security policy: 'permission java.lang.reflect.ReflectPermission
+     * "suppressAccessChecks";'
+     */
+    public static final PrivilegedAction setAccessibleAction(
+        final AccessibleObject aObj, final boolean flag) {
+        return new PrivilegedAction() {
+            public Object run() {
+                aObj.setAccessible(flag);
+                return (Object) null;
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegeAction object for Class.forName().
+     * 
+     * Notes: doPriv of Class.forName call is required only if the input
+     * classloader argument is null. E.g.
+     * 
+     * Class.forName("x", false, Collection.class.getClassLoader());
+     * 
+     * Requires security policy: 'permission java.lang.RuntimePermission
+     * "getClassLoader";'
+     * 
+     * @return Classloader
+     */
+    public static final PrivilegedExceptionAction getForNameAction(
+        final String className, final boolean initializeBoolean,
+        final ClassLoader classLoader) {
+        return new PrivilegedExceptionAction() {
+            public Object run() throws ClassNotFoundException {
+                return Class.forName(className, initializeBoolean, classLoader);
+            }
+        };
+    }
+
+    /**
      * Return a PrivilegeAction object for clazz.getClassloader().
      * 
      * Notes: No doPrivilege wrapping is required in the caller if:
@@ -345,6 +411,22 @@
     }
 
     /**
+     * Return a PrivilegeAction object for f.delete().
+     * 
+     * Requires security policy:
+     *   'permission java.io.FilePermission "delete";'
+     * 
+     * @return Boolean
+     */
+    public static final PrivilegedAction deleteAction(final File f) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return f.delete() ? Boolean.TRUE : Boolean.FALSE;
+            }
+        };
+    }
+
+    /**
      * Return a PrivilegeAction object for f.exists().
      * 
      * Requires security policy:
@@ -365,6 +447,22 @@
     }
 
     /**
+     * Return a PrivilegeAction object for f.getAbsoluteFile().
+     * 
+     * Requires security policy:
+     *   'permission java.util.PropertyPermission "read";'
+     * 
+     * @return File
+     */
+    public static final PrivilegedAction getAbsoluteFileAction(final File f) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return f.getAbsoluteFile();
+            }
+        };
+    }
+
+    /**
      * Return a PrivilegeAction object for f.getAbsolutePath().
      * 
      * Requires security policy:
@@ -399,6 +497,38 @@
     }
 
     /**
+     * Return a PrivilegeAction object for f.isDirectory().
+     * 
+     * Requires security policy:
+     *   'permission java.io.FilePermission "read";'
+     * 
+     * @return Boolean
+     */
+    public static final PrivilegedAction isDirectoryAction(final File f) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return f.isDirectory() ? Boolean.TRUE : Boolean.FALSE;
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegeAction object for f.isFile().
+     * 
+     * Requires security policy:
+     *   'permission java.io.FilePermission "read";'
+     * 
+     * @return Boolean
+     */
+    public static final PrivilegedAction isFileAction(final File f) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return f.isFile() ? Boolean.TRUE : Boolean.FALSE;
+            }
+        };
+    }
+
+    /**
      * Return a PrivilegeAction object for f.length().
      * 
      * Requires security policy:
@@ -415,6 +545,22 @@
     }
 
     /**
+     * Return a PrivilegeAction object for f.listFiles().
+     * 
+     * Requires security policy:
+     *   'permission java.io.FilePermission "read";'
+     * 
+     * @return File[]
+     */
+    public static final PrivilegedAction listFilesAction(final File f) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return f.listFiles();
+            }
+        };
+    }
+
+    /**
      * Return a PrivilegeAction object for f.mkdirs().
      * 
      * Requires security policy:
@@ -502,6 +648,78 @@
     }
 
     /**
+     * Return a PrivilegedExceptionAction object for InetAdress.getByName().
+     * 
+     * Requires security policy:
+     *   'permission java.net.SocketPermission "connect";'
+     * 
+     * @return InetAddress
+     * @throws UnknownHostException
+     */
+    public static final PrivilegedExceptionAction getByNameAction(
+        final String hostname) throws UnknownHostException {
+        return new PrivilegedExceptionAction() {
+            public Object run() throws UnknownHostException {
+                return InetAddress.getByName(hostname);
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegedExceptionAction object for new Socket().
+     * 
+     * Requires security policy:
+     *   'permission java.net.SocketPermission "connect";'
+     * 
+     * @return Socket
+     * @throws IOException
+     */
+    public static final PrivilegedExceptionAction newSocketAction(
+        final InetAddress host, final int port) throws IOException {
+        return new PrivilegedExceptionAction() {
+            public Object run() throws IOException {
+                return new Socket(host, port);
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegedExceptionAction object for new ServerSocket().
+     * 
+     * Requires security policy:
+     *   'permission java.net.SocketPermission "listen";'
+     * 
+     * @return ServerSocket
+     * @throws IOException
+     */
+    public static final PrivilegedExceptionAction newServerSocketAction(
+        final int port) throws IOException {
+        return new PrivilegedExceptionAction() {
+            public Object run() throws IOException {
+                return new ServerSocket(port);
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegedExceptionAction object for ServerSocket.accept().
+     * 
+     * Requires security policy:
+     *   'permission java.net.SocketPermission "listen";'
+     * 
+     * @return Socket
+     * @throws IOException
+     */
+    public static final PrivilegedExceptionAction acceptAction(
+        final ServerSocket ss) throws IOException {
+        return new PrivilegedExceptionAction() {
+            public Object run() throws IOException {
+                return ss.accept();
+            }
+        };
+    }
+
+    /**
      * Return a PrivilegeAction object for System.getProperties().
      * 
      * Requires security policy:
@@ -587,6 +805,24 @@
     }
 
     /**
+     * Return a PrivilegedExceptionAction object for new ZipFile().
+     * 
+     * Requires security policy:
+     *   'permission java.io.FilePermission "read";'
+     * 
+     * @return ZipFile
+     * @throws IOException
+     */
+    public static final PrivilegedExceptionAction newZipFileAction(final File f)
+        throws IOException {
+        return new PrivilegedExceptionAction() {
+            public Object run() throws IOException {
+                return new ZipFile(f);
+            }
+        };
+    }
+
+    /**
      * Return a PrivilegeAction object for new serp.bytecode.Code().
      * 
      * Requires security policy:
@@ -598,6 +834,135 @@
         return new PrivilegedAction() {
             public Object run() {
                 return new Code();
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegeAction object for new TemporaryClassLoader().
+     * 
+     * Requires security policy:
+     *   'permission java.lang.RuntimePermission "createClassLoader";'
+     *   
+     * @return TemporaryClassLoader
+     */
+    public static final PrivilegedAction newTemporaryClassLoaderAction(
+        final ClassLoader parent) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return new TemporaryClassLoader(parent);
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegeAction object for new MultiClassLoader().
+     * 
+     * Requires security policy:
+     *   'permission java.lang.RuntimePermission "createClassLoader";'
+     *   
+     * @return MultiClassLoader
+     */
+    public static final PrivilegedAction newMultiClassLoaderAction() {
+        return new PrivilegedAction() {
+            public Object run() {
+                return new MultiClassLoader();
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegeAction object for new BCClassLoader().
+     * 
+     * Requires security policy:
+     *   'permission java.lang.RuntimePermission "createClassLoader";'
+     *   
+     * @return BCClassLoader
+     */
+    public static final PrivilegedAction newBCClassLoaderAction(
+        final Project project, final ClassLoader parent) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return new BCClassLoader(project, parent);
+            }
+        };
+    }
+
+    public static final PrivilegedAction newBCClassLoaderAction(
+        final Project project) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return new BCClassLoader(project);
+            }
+        };
+    }
+    
+    /**
+     * Return a PrivilegedExceptionAction object for BCClass.write().
+     * 
+     * Requires security policy:
+     *   'permission java.io.FilePermission "write";'
+     * 
+     * @return File
+     * @throws IOException
+     */
+    public static final PrivilegedExceptionAction bCClassWrite(
+        final BCClass bc, final File f) throws IOException {
+        return new PrivilegedExceptionAction() {
+            public Object run() throws IOException {
+                bc.write(f);
+                return null;
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegeAction object for BCClass.getFields().
+     * 
+     * Requires security policy:
+     *   'permission java.lang.RuntimePermission "getClassLoader";'
+     *   
+     * @return BCField
+     */
+    public static final PrivilegedAction getBCClassFieldsAction(
+        final BCClass bcClass, final String fieldName) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return bcClass.getFields(fieldName);
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegeAction object for FieldInstruction.getField().
+     * 
+     * Requires security policy:
+     *   'permission java.lang.RuntimePermission "getClassLoader";'
+     *   
+     * @return BCField
+     */
+    public static final PrivilegedAction getFieldInstructionFieldAction(
+        final FieldInstruction instruction) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return instruction.getField();
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegeAction object for Project.loadClass().
+     * 
+     * Requires security policy:
+     *   'permission java.lang.RuntimePermission "createClassLoader";'
+     *   
+     * @return BCClass
+     */
+    public static final PrivilegedAction loadProjectClassAction(
+        final Project project, final Class clazz) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return project.loadClass(clazz);
             }
         };
     }

Propchange: openjpa/trunk/openjpa-persistence/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Thu Aug  9 15:27:17 2007
@@ -1,2 +1 @@
-
 target

Propchange: openjpa/trunk/openjpa-persistence-jdbc/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Thu Aug  9 15:27:17 2007
@@ -1 +1,3 @@
 target
+
+subs

Added: openjpa/trunk/openjpa-persistence-jdbc/src/test/resources/j2.security.jse.policy
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-persistence-jdbc/src/test/resources/j2.security.jse.policy?view=auto&rev=564408
==============================================================================
--- openjpa/trunk/openjpa-persistence-jdbc/src/test/resources/j2.security.jse.policy (added)
+++ openjpa/trunk/openjpa-persistence-jdbc/src/test/resources/j2.security.jse.policy Thu Aug  9 15:27:17 2007
@@ -0,0 +1,62 @@
+// ================================================================
+// Example JSE Java 2 security policy required by OpenJPA.
+//
+//   -Djava.security.manager -Djava.security.policy=C:\j2.security.jse.policy
+
+// ----------------------------------------------------------------
+// Application:  E.g.
+//   -Dapplication=file:///C:/com/my/appl/classes
+
+grant CodeBase "${application}/-" {
+
+    // Allows Persistence.createEntityManagerFacotry() to read META-INF/*
+    permission java.io.FilePermission   "<<ALL FILES>>", "read";
+};
+
+// ----------------------------------------------------------------
+// Derby:  E.g.
+//   -Dderby.base="file:///C:\.m2\repository\org\apache\derby\derby\10.2.2.0
+
+grant CodeBase "${derby.base}/-" {
+
+    permission java.io.FilePermission   "<<ALL FILES>>", "read,write,delete";
+    permission java.lang.RuntimePermission               "createClassLoader";
+    permission java.util.PropertyPermission         "*", "read";
+};
+
+// ----------------------------------------------------------------
+// DB2:  E.g.
+//  -db2.base=file:///C:/sqllib/java
+
+grant CodeBase "${db2.base}/-" {
+
+    permission java.lang.RuntimePermission               "loadLibrary.*";
+    permission java.util.PropertyPermission         "*", "read";
+};
+
+
+// ================================================================
+// The following permissions are required by OpenJPA implementation.
+
+// ----------------------------------------------------------------
+// Serp:  E.g.
+//  -Dserp.base="file:///C:\.m2\repository\net\sourceforge\serp\serp\1.11.0"
+
+grant CodeBase "${serp.base}/-" {
+
+    permission java.io.FilePermission   "<<ALL FILES>>", "read,write";
+    permission java.lang.RuntimePermission               "createClassLoader";
+};
+
+// ----------------------------------------------------------------
+// OpeJPA:  E.g.
+//  -Dopenjpa.base=file:///C:\openjpa.cur\openjpa-all\target
+
+grant CodeBase "${openjpa.base}/-" {
+
+    permission java.io.FilePermission   "<<ALL FILES>>", "read,write";
+    permission java.lang.RuntimePermission               "createClassLoader";
+    permission java.lang.reflect.ReflectPermission       "suppressAccessChecks";
+    permission java.util.PropertyPermission         "*", "read";
+};
+

Modified: openjpa/trunk/openjpa-persistence-jdbc/src/test/resources/j2.security.test.policy
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-persistence-jdbc/src/test/resources/j2.security.test.policy?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-persistence-jdbc/src/test/resources/j2.security.test.policy (original)
+++ openjpa/trunk/openjpa-persistence-jdbc/src/test/resources/j2.security.test.policy Thu Aug  9 15:27:17 2007
@@ -35,48 +35,3 @@
     permission java.util.PropertyPermission     "*",                "read,write";
 };
 
-
-// ================================================================
-// The following permissions are required by OpenJPA implementation.
-grant CodeBase "${application}/openjpa-1.0.0-SNAPSHOT.jar" {
-
-    // class.getClassLoader()
-    // thread.getContextClassLoader()
-    // classloader.getParent()
-    // classloader.getSystemClassLoader()
-    // new serp.bytecode.Code()
-    // serp.bytecode.BCClass.isInstanceOf()
-    // class.newInstance()
-    //
-    permission java.lang.RuntimePermission                          "getClassLoader";
-
-    // urlConnection.getContext()
-    // url.openStream()
-    // classloader.getResource()
-    // classloader.getResources()
-    // new FileInputStream()
-    // file.exists()
-    //
-    permission java.io.FilePermission           "<<ALL FILES>>",    "read";
-
-    // file.mkdirs()
-    // file.renameTo()
-    // new FileOutputStream()
-    //
-    permission java.io.FilePermission           "<<ALL FILES>>",    "write";
-
-    // class.getDeclaredField()
-    // class.getDeclaredFields()
-    // class.getDeclaredMethod()
-    // class.getDeclaredMethods()
-    //
-    permission java.lang.RuntimePermission                          "accessDeclaredMembers";
-
-    // System.getProperty()
-    // System.getPrperties()
-    // File.getAbsolutePath()
-    // File.getCanonicalPath()
-    //
-    permission java.util.PropertyPermission     "*",                "read";
-};
-

Modified: openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/AnnotationPersistenceMetaDataSerializer.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/AnnotationPersistenceMetaDataSerializer.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/AnnotationPersistenceMetaDataSerializer.java (original)
+++ openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/AnnotationPersistenceMetaDataSerializer.java Thu Aug  9 15:27:17 2007
@@ -19,6 +19,7 @@
 package org.apache.openjpa.persistence;
 
 import org.apache.openjpa.lib.meta.SourceTracker;
+import org.apache.openjpa.lib.util.J2DoPrivHelper;
 import org.apache.openjpa.lib.util.Localizer;
 import org.apache.openjpa.lib.util.JavaVersions;
 import org.apache.openjpa.lib.log.Log;
@@ -29,6 +30,8 @@
 import org.apache.openjpa.util.InternalException;
 import org.apache.commons.lang.StringUtils;
 
+import java.security.AccessController;
+import java.security.PrivilegedActionException;
 import java.util.*;
 import java.io.File;
 import java.io.IOException;
@@ -1194,10 +1197,15 @@
     }
 
     public void serialize(File file, int flags) throws IOException {
-        FileWriter out = new FileWriter(file.getCanonicalPath(),
-            (flags & APPEND) > 0);
-        serialize(out, flags);
-        out.close();
+        try {
+            FileWriter out = new FileWriter((String) AccessController
+                .doPrivileged(J2DoPrivHelper.getCanonicalPathAction(file)),
+                (flags & APPEND) > 0);
+            serialize(out, flags);
+            out.close();
+        } catch (PrivilegedActionException pae) {
+            throw (IOException) pae.getException();
+        }
     }
 
     public void serialize(Writer out, int flags) throws IOException {

Modified: openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/PersistenceProductDerivation.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/PersistenceProductDerivation.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/PersistenceProductDerivation.java (original)
+++ openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/PersistenceProductDerivation.java Thu Aug  9 15:27:17 2007
@@ -204,7 +204,8 @@
         String[] prefixes = ProductDerivations.getConfigurationPrefixes();
         String rsrc = null;
         for (int i = 0; i < prefixes.length && StringUtils.isEmpty(rsrc); i++)
-           rsrc = System.getProperty(prefixes[i] + ".properties"); 
+           rsrc = (String) AccessController.doPrivileged(J2DoPrivHelper
+                .getPropertyAction(prefixes[i] + ".properties")); 
         boolean explicit = !StringUtils.isEmpty(rsrc);
         String anchor = null;
         int idx = (!explicit) ? -1 : rsrc.lastIndexOf('#');

Modified: openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/PersistenceUnitInfoImpl.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/PersistenceUnitInfoImpl.java?view=diff&rev=564408&r1=564407&r2=564408
==============================================================================
--- openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/PersistenceUnitInfoImpl.java (original)
+++ openjpa/trunk/openjpa-persistence/src/main/java/org/apache/openjpa/persistence/PersistenceUnitInfoImpl.java Thu Aug  9 15:27:17 2007
@@ -93,9 +93,9 @@
     }
 
     public ClassLoader getNewTempClassLoader() {
-        return new TemporaryClassLoader(
-            (ClassLoader) AccessController.doPrivileged(
-                J2DoPrivHelper.getContextClassLoaderAction()));
+        return (ClassLoader) AccessController.doPrivileged(J2DoPrivHelper
+            .newTemporaryClassLoaderAction((ClassLoader) AccessController
+                .doPrivileged(J2DoPrivHelper.getContextClassLoaderAction())));
     }
 
     public String getPersistenceUnitName() {
@@ -201,7 +201,8 @@
     }
 
     public void addJarFileName(String name) {
-        MultiClassLoader loader = new MultiClassLoader();
+        MultiClassLoader loader = (MultiClassLoader) AccessController
+            .doPrivileged(J2DoPrivHelper.newMultiClassLoaderAction());
         loader.addClassLoader(getClass().getClassLoader());
         loader.addClassLoader(MultiClassLoader.THREAD_LOADER);
         URL url = (URL) AccessController.doPrivileged(



Mime
View raw message