openjpa-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kwsut...@apache.org
Subject svn commit: r571522 - in /openjpa/trunk: openjpa-kernel/src/main/java/org/apache/openjpa/datacache/ openjpa-kernel/src/main/java/org/apache/openjpa/util/ openjpa-lib/src/main/java/org/apache/openjpa/lib/util/
Date Fri, 31 Aug 2007 16:53:45 GMT
Author: kwsutter
Date: Fri Aug 31 09:53:43 2007
New Revision: 571522

URL: http://svn.apache.org/viewvc?rev=571522&view=rev
Log:
OPENJPA-339.  Committing Albert's Java 2 Security changes.  Hopefully, this is the last batch
of changes...  :-)

Modified:
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/datacache/DataCacheScheduler.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/datacache/DataCacheScheduler.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/datacache/DataCacheScheduler.java?rev=571522&r1=571521&r2=571522&view=diff
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/datacache/DataCacheScheduler.java
(original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/datacache/DataCacheScheduler.java
Fri Aug 31 09:53:43 2007
@@ -18,6 +18,7 @@
  */
 package org.apache.openjpa.datacache;
 
+import java.security.AccessController;
 import java.text.DateFormat;
 import java.text.SimpleDateFormat;
 import java.util.Calendar;
@@ -28,6 +29,7 @@
 
 import org.apache.openjpa.conf.OpenJPAConfiguration;
 import org.apache.openjpa.lib.log.Log;
+import org.apache.openjpa.lib.util.J2DoPrivHelper;
 import org.apache.openjpa.lib.util.Localizer;
 import org.apache.openjpa.lib.util.concurrent.ConcurrentHashMap;
 import org.apache.openjpa.util.InvalidStateException;
@@ -97,7 +99,9 @@
         _caches.put(cache, schedule);
         _stop = false;
         if (_thread == null) {
-            _thread = new Thread(this, _loc.get("scheduler-name").getMessage());
+            _thread = (Thread) AccessController
+                .doPrivileged(J2DoPrivHelper.newThreadAction(this, _loc.get(
+                    "scheduler-name").getMessage()));
             _thread.setDaemon(true);
             _thread.start();
             if (_log.isTraceEnabled())

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java?rev=571522&r1=571521&r2=571522&view=diff
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java
(original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/util/ProxyManagerImpl.java
Fri Aug 31 09:53:43 2007
@@ -26,6 +26,7 @@
 import java.lang.reflect.Method;
 import java.lang.reflect.Modifier;
 import java.security.AccessController;
+import java.security.PrivilegedAction;
 import java.security.PrivilegedActionException;
 import java.sql.Timestamp;
 import java.util.ArrayList;
@@ -438,7 +439,7 @@
      * Return the cached factory proxy for the given bean type.
      */
     private ProxyBean getFactoryProxyBean(Object orig) {
-        Class type = orig.getClass();
+        final Class type = orig.getClass();
         if (isUnproxyable(type))
             return null;
 
@@ -449,7 +450,12 @@
                 ProxyBean.class);
             Class pcls = loadBuildTimeProxy(type, l);
             if (pcls == null) {
-                BCClass bc = generateProxyBeanBytecode(type, true);
+                BCClass bc = (BCClass) AccessController
+                    .doPrivileged(new PrivilegedAction() {
+                        public Object run() {
+                            return generateProxyBeanBytecode(type, true);
+                        }
+                    });
                 if (bc != null)
                     pcls = GeneratedClasses.loadBCClass(bc, l);
             }
@@ -1601,7 +1607,7 @@
             })); 
         }
 
-        ProxyManagerImpl mgr = new ProxyManagerImpl();
+        final ProxyManagerImpl mgr = new ProxyManagerImpl();
         Class cls;
         BCClass bc;
         for (int i = 0; i < types.size(); i++) {
@@ -1623,8 +1629,15 @@
                 bc = mgr.generateProxyDateBytecode(cls, false);
             else if (Calendar.class.isAssignableFrom(cls))
                 bc = mgr.generateProxyCalendarBytecode(cls, false);
-            else
-                bc = mgr.generateProxyBeanBytecode(cls, false);
+            else {
+                final Class fCls = cls;
+                bc = (BCClass) AccessController
+                    .doPrivileged(new PrivilegedAction() {
+                        public Object run() {
+                            return mgr.generateProxyBeanBytecode(fCls, false);
+                        }
+                    });
+            }
 
             System.out.println(bc.getName());
             bc.write(new File(dir, bc.getClassName() + ".class"));

Modified: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java?rev=571522&r1=571521&r2=571522&view=diff
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java
(original)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/util/J2DoPrivHelper.java
Fri Aug 31 09:53:43 2007
@@ -81,6 +81,7 @@
  * <li>Socket.accept
  * <li>System.getProperty
  * <li>Thread.getContextClassLoader
+ * <li>Thread new
  * <li>TemporaryClassLoader new
  * <li>URL.openStream
  * <li>URLConnection.getContent
@@ -784,6 +785,23 @@
         return new PrivilegedAction() {
             public Object run() {
                 return Thread.currentThread().getContextClassLoader();
+            }
+        };
+    }
+
+    /**
+     * Return a PrivilegedAction object for new Thread().
+     * 
+     * Requires security policy:
+     *   'permission java.lang.RuntimePermission "modifyThreadGroup";'
+     * 
+     * @return Thread
+     */
+    public static final PrivilegedAction newThreadAction(
+        final Runnable target, final String name) {
+        return new PrivilegedAction() {
+            public Object run() {
+                return new Thread(target, name);
             }
         };
     }



Mime
View raw message