ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r1171246 - /webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSConfig.java
Date Thu, 15 Sep 2011 19:53:41 GMT
Author: dkulp
Date: Thu Sep 15 19:53:41 2011
New Revision: 1171246

URL: http://svn.apache.org/viewvc?rev=1171246&view=rev
Log:
Use access controller for a few things to allow restricting with a
SecurityManager

Modified:
    webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSConfig.java

Modified: webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSConfig.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSConfig.java?rev=1171246&r1=1171245&r2=1171246&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSConfig.java (original)
+++ webservices/wss4j/trunk/src/main/java/org/apache/ws/security/WSSConfig.java Thu Sep 15
19:53:41 2011
@@ -20,6 +20,9 @@
 package org.apache.ws.security;
 
 import java.lang.reflect.Field;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
 import java.security.Provider;
 import java.security.Security;
 import java.util.HashMap;
@@ -361,21 +364,30 @@ public class WSSConfig {
         boolean wasSet = false;
         try {
             // Don't override if it was set explicitly
-            String lineBreakPropName = "org.apache.xml.security.ignoreLineBreaks";
-            if (System.getProperty(lineBreakPropName) == null) {
-                System.setProperty(lineBreakPropName, "true");
-            } else {
-                wasSet = true;
-            }
+            wasSet = AccessController.doPrivileged(new PrivilegedAction<Boolean>()
{
+                public Boolean run() {
+                    String lineBreakPropName = "org.apache.xml.security.ignoreLineBreaks";
+                    if (System.getProperty(lineBreakPropName) == null) {
+                        System.setProperty(lineBreakPropName, "true");
+                        return false;
+                    }
+                    return true; 
+                }
+            });
         } catch (Throwable t) { //NOPMD
             //ignore
         }
         org.apache.xml.security.Init.init();
         if (!wasSet) {
             try {
-                Field f = XMLUtils.class.getDeclaredField("ignoreLineBreaks");
-                f.setAccessible(true);
-                f.set(null, Boolean.TRUE);
+                AccessController.doPrivileged(new PrivilegedExceptionAction<Boolean>()
{
+                    public Boolean run() throws Exception {
+                        Field f = XMLUtils.class.getDeclaredField("ignoreLineBreaks");
+                        f.setAccessible(true);
+                        f.set(null, Boolean.TRUE);
+                        return false;
+                    }
+                });
             } catch (Throwable t) { //NOPMD
                 //ignore
             }
@@ -386,12 +398,17 @@ public class WSSConfig {
         if (!staticallyInitialized) {
             setXmlSecIgnoreLineBreak();
             if (addJceProviders) {
-                addJceProvider("XMLDSig", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
-                addJceProvider("BC", "org.bouncycastle.jce.provider.BouncyCastleProvider");
-                Security.removeProvider("STRTransform");
-                appendJceProvider(
-                    "STRTransform", new org.apache.ws.security.transform.STRTransformProvider()
-                );
+                AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
+                    public Boolean run() {
+                        addJceProvider("XMLDSig", "org.jcp.xml.dsig.internal.dom.XMLDSigRI");
+                        addJceProvider("BC", "org.bouncycastle.jce.provider.BouncyCastleProvider");
+                        Security.removeProvider("STRTransform");
+                        appendJceProvider(
+                            "STRTransform", new org.apache.ws.security.transform.STRTransformProvider()
+                        );
+                        return true;
+                    }
+                });
             }
             staticallyInitialized = true;
         }



Mime
View raw message