Author: kwsutter
Date: Fri Aug 31 09:53:43 2007
New Revision: 571522
URL: http://svn.apache.org/viewvc?rev=571522&view=rev
Log:
OPENJPA-339. Committing Albert's Java 2 Security changes. Hopefully, this is the last batch
of changes... :-)
Modified:
openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/datacache/DataCacheScheduler.java
openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java
openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java
Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/datacache/DataCacheScheduler.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/datacache/DataCacheScheduler.java?rev=571522&r1=571521&r2=571522&view=diff
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/datacache/DataCacheScheduler.java
(original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/datacache/DataCacheScheduler.java
Fri Aug 31 09:53:43 2007
@@ -18,6 +18,7 @@
*/
package org.apache.openjpa.datacache;
+import java.security.AccessController;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Calendar;
@@ -28,6 +29,7 @@
import org.apache.openjpa.conf.OpenJPAConfiguration;
import org.apache.openjpa.lib.log.Log;
+import org.apache.openjpa.lib.util.J2DoPrivHelper;
import org.apache.openjpa.lib.util.Localizer;
import org.apache.openjpa.lib.util.concurrent.ConcurrentHashMap;
import org.apache.openjpa.util.InvalidStateException;
@@ -97,7 +99,9 @@
_caches.put(cache, schedule);
_stop = false;
if (_thread == null) {
- _thread = new Thread(this, _loc.get("scheduler-name").getMessage());
+ _thread = (Thread) AccessController
+ .doPrivileged(J2DoPrivHelper.newThreadAction(this, _loc.get(
+ "scheduler-name").getMessage()));
_thread.setDaemon(true);
_thread.start();
if (_log.isTraceEnabled())
Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java?rev=571522&r1=571521&r2=571522&view=diff
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java
(original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java
Fri Aug 31 09:53:43 2007
@@ -26,6 +26,7 @@
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.security.AccessController;
+import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.sql.Timestamp;
import java.util.ArrayList;
@@ -438,7 +439,7 @@
* Return the cached factory proxy for the given bean type.
*/
private ProxyBean getFactoryProxyBean(Object orig) {
- Class type = orig.getClass();
+ final Class type = orig.getClass();
if (isUnproxyable(type))
return null;
@@ -449,7 +450,12 @@
ProxyBean.class);
Class pcls = loadBuildTimeProxy(type, l);
if (pcls == null) {
- BCClass bc = generateProxyBeanBytecode(type, true);
+ BCClass bc = (BCClass) AccessController
+ .doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return generateProxyBeanBytecode(type, true);
+ }
+ });
if (bc != null)
pcls = GeneratedClasses.loadBCClass(bc, l);
}
@@ -1601,7 +1607,7 @@
}));
}
- ProxyManagerImpl mgr = new ProxyManagerImpl();
+ final ProxyManagerImpl mgr = new ProxyManagerImpl();
Class cls;
BCClass bc;
for (int i = 0; i < types.size(); i++) {
@@ -1623,8 +1629,15 @@
bc = mgr.generateProxyDateBytecode(cls, false);
else if (Calendar.class.isAssignableFrom(cls))
bc = mgr.generateProxyCalendarBytecode(cls, false);
- else
- bc = mgr.generateProxyBeanBytecode(cls, false);
+ else {
+ final Class fCls = cls;
+ bc = (BCClass) AccessController
+ .doPrivileged(new PrivilegedAction() {
+ public Object run() {
+ return mgr.generateProxyBeanBytecode(fCls, false);
+ }
+ });
+ }
System.out.println(bc.getName());
bc.write(new File(dir, bc.getClassName() + ".class"));
Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java?rev=571522&r1=571521&r2=571522&view=diff
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java
(original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java
Fri Aug 31 09:53:43 2007
@@ -81,6 +81,7 @@
* <li>Socket.accept
* <li>System.getProperty
* <li>Thread.getContextClassLoader
+ * <li>Thread new
* <li>TemporaryClassLoader new
* <li>URL.openStream
* <li>URLConnection.getContent
@@ -784,6 +785,23 @@
return new PrivilegedAction() {
public Object run() {
return Thread.currentThread().getContextClassLoader();
+ }
+ };
+ }
+
+ /**
+ * Return a PrivilegedAction object for new Thread().
+ *
+ * Requires security policy:
+ * 'permission java.lang.RuntimePermission "modifyThreadGroup";'
+ *
+ * @return Thread
+ */
+ public static final PrivilegedAction newThreadAction(
+ final Runnable target, final String name) {
+ return new PrivilegedAction() {
+ public Object run() {
+ return new Thread(target, name);
}
};
}
|