Java Code Examples for org.apache.catalina.Globals#IS_SECURITY_ENABLED
The following examples show how to use
org.apache.catalina.Globals#IS_SECURITY_ENABLED .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: ApplicationContext.java From tomcatsrc with Apache License 2.0 | 6 votes |
|
@Override
public ClassLoader getClassLoader() {
ClassLoader result = context.getLoader().getClassLoader();
if (Globals.IS_SECURITY_ENABLED) {
ClassLoader tccl = Thread.currentThread().getContextClassLoader();
ClassLoader parent = result;
while (parent != null) {
if (parent == tccl) {
break;
}
parent = parent.getParent();
}
if (parent == null) {
System.getSecurityManager().checkPermission(
new RuntimePermission("getClassLoader"));
}
}
return result;
}
Example 2
| Source File: Introspection.java From Tomcat7.0.67 with Apache License 2.0 | 6 votes |
|
/**
* Obtain the declared fields for a class taking account of any security
* manager that may be configured.
*/
public static Field[] getDeclaredFields(final Class<?> clazz) {
Field[] fields = null;
if (Globals.IS_SECURITY_ENABLED) {
fields = AccessController.doPrivileged(
new PrivilegedAction<Field[]>(){
@Override
public Field[] run(){
return clazz.getDeclaredFields();
}
});
} else {
fields = clazz.getDeclaredFields();
}
return fields;
}
Example 3
| Source File: ApplicationDispatcher.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
@Override
public void dispatch(ServletRequest request, ServletResponse response)
throws ServletException, IOException {
if (Globals.IS_SECURITY_ENABLED) {
try {
PrivilegedDispatch dp = new PrivilegedDispatch(request,response);
AccessController.doPrivileged(dp);
} catch (PrivilegedActionException pe) {
Exception e = pe.getException();
if (e instanceof ServletException)
throw (ServletException) e;
throw (IOException) e;
}
} else {
doDispatch(request, response);
}
}
Example 4
| Source File: ApplicationContext.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
@Override
public ClassLoader getClassLoader() {
ClassLoader result = context.getLoader().getClassLoader();
if (Globals.IS_SECURITY_ENABLED) {
ClassLoader tccl = Thread.currentThread().getContextClassLoader();
ClassLoader parent = result;
while (parent != null) {
if (parent == tccl) {
break;
}
parent = parent.getParent();
}
if (parent == null) {
System.getSecurityManager().checkPermission(
new RuntimePermission("getClassLoader"));
}
}
return result;
}
Example 5
| Source File: ApplicationDispatcher.java From Tomcat8-Source-Read with MIT License | 6 votes |
|
/**
* Forward this request and response to another resource for processing.
* Any runtime exception, IOException, or ServletException thrown by the
* called servlet will be propagated to the caller.
*
* @param request The servlet request to be forwarded
* @param response The servlet response to be forwarded
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet exception occurs
*/
@Override
public void forward(ServletRequest request, ServletResponse response)
throws ServletException, IOException
{
if (Globals.IS_SECURITY_ENABLED) {
try {
PrivilegedForward dp = new PrivilegedForward(request,response);
AccessController.doPrivileged(dp);
} catch (PrivilegedActionException pe) {
Exception e = pe.getException();
if (e instanceof ServletException)
throw (ServletException) e;
throw (IOException) e;
}
} else {
doForward(request,response);
}
}
Example 6
| Source File: ResponseFacade.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
@Override
public void setDateHeader(String name, long date) {
if (isCommitted()) {
return;
}
if(Globals.IS_SECURITY_ENABLED) {
AccessController.doPrivileged(new DateHeaderPrivilegedAction
(name, date, false));
} else {
response.setDateHeader(name, date);
}
}
Example 7
| Source File: RequestFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public Enumeration<String> getHeaders(String name) {
if (request == null) {
throw new IllegalStateException(
sm.getString("requestFacade.nullRequest"));
}
if (Globals.IS_SECURITY_ENABLED){
return AccessController.doPrivileged(
new GetHeadersPrivilegedAction(name));
} else {
return request.getHeaders(name);
}
}
Example 8
| Source File: RequestFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public Enumeration<String> getParameterNames() {
if (request == null) {
throw new IllegalStateException(
sm.getString("requestFacade.nullRequest"));
}
if (Globals.IS_SECURITY_ENABLED){
return AccessController.doPrivileged(
new GetParameterNamesPrivilegedAction());
} else {
return request.getParameterNames();
}
}
Example 9
| Source File: ResponseFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public void addDateHeader(String name, long date) {
if (isCommitted()) {
return;
}
if(Globals.IS_SECURITY_ENABLED) {
AccessController.doPrivileged(new DateHeaderPrivilegedAction
(name, date, true));
} else {
response.addDateHeader(name, date);
}
}
Example 10
| Source File: RequestFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public Enumeration<Locale> getLocales() {
if (request == null) {
throw new IllegalStateException(
sm.getString("requestFacade.nullRequest"));
}
if (Globals.IS_SECURITY_ENABLED){
return AccessController.doPrivileged(
new GetLocalesPrivilegedAction());
} else {
return request.getLocales();
}
}
Example 11
| Source File: SecurityUtil.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
/**
* Return the <code>SecurityManager</code> only if Security is enabled AND
* package protection mechanism is enabled.
*/
public static boolean isPackageProtectionEnabled(){
if (packageDefinitionEnabled && Globals.IS_SECURITY_ENABLED){
return true;
}
return false;
}
Example 12
| Source File: RequestFacade.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
@Override
public Enumeration<String> getAttributeNames() {
if (request == null) {
throw new IllegalStateException(
sm.getString("requestFacade.nullRequest"));
}
if (Globals.IS_SECURITY_ENABLED){
return AccessController.doPrivileged(
new GetAttributePrivilegedAction());
} else {
return request.getAttributeNames();
}
}
Example 13
| Source File: ApplicationFilterChain.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
/**
* Invoke the next filter in this chain, passing the specified request
* and response. If there are no more filters in this chain, invoke
* the <code>service()</code> method of the servlet itself.
*
* @param request The servlet request we are processing
* @param response The servlet response we are creating
*
* @exception IOException if an input/output error occurs
* @exception ServletException if a servlet exception occurs
*
* 用来执行过滤器方法以及最后的Servlet
*/
@Override
public void doFilter(ServletRequest request, ServletResponse response)
throws IOException, ServletException {
if( Globals.IS_SECURITY_ENABLED ) {
final ServletRequest req = request;
final ServletResponse res = response;
try {
java.security.AccessController.doPrivileged(
new java.security.PrivilegedExceptionAction<Void>() {
@Override
public Void run()
throws ServletException, IOException {
internalDoFilter(req,res);
return null;
}
}
);
} catch( PrivilegedActionException pe) {
Exception e = pe.getException();
if (e instanceof ServletException)
throw (ServletException) e;
else if (e instanceof IOException)
throw (IOException) e;
else if (e instanceof RuntimeException)
throw (RuntimeException) e;
else
throw new ServletException(e.getMessage(), e);
}
} else {
internalDoFilter(request,response);
}
}
Example 14
| Source File: RequestFacade.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public Enumeration<String> getHeaderNames() {
if (request == null) {
throw new IllegalStateException(
sm.getString("requestFacade.nullRequest"));
}
if (Globals.IS_SECURITY_ENABLED){
return AccessController.doPrivileged(
new GetHeaderNamesPrivilegedAction());
} else {
return request.getHeaderNames();
}
}
Example 15
| Source File: RequestFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public Map<String,String[]> getParameterMap() {
if (request == null) {
throw new IllegalStateException(
sm.getString("requestFacade.nullRequest"));
}
if (Globals.IS_SECURITY_ENABLED){
return AccessController.doPrivileged(
new GetParameterMapPrivilegedAction());
} else {
return request.getParameterMap();
}
}
Example 16
| Source File: WebappClassLoaderBase.java From Tomcat8-Source-Read with MIT License | 5 votes |
|
@Override
public boolean hasLoggingConfig() {
if (Globals.IS_SECURITY_ENABLED) {
Boolean result = AccessController.doPrivileged(new PrivilegedHasLoggingConfig());
return result.booleanValue();
} else {
return findResource("logging.properties") != null;
}
}
Example 17
| Source File: RequestFacade.java From Tomcat7.0.67 with Apache License 2.0 | 5 votes |
|
@Override
public Enumeration<String> getHeaders(String name) {
if (request == null) {
throw new IllegalStateException(
sm.getString("requestFacade.nullRequest"));
}
if (Globals.IS_SECURITY_ENABLED){
return AccessController.doPrivileged(
new GetHeadersPrivilegedAction(name));
} else {
return request.getHeaders(name);
}
}
Example 18
| Source File: ResponseFacade.java From tomcatsrc with Apache License 2.0 | 5 votes |
|
@Override
public void addDateHeader(String name, long date) {
if (isCommitted()) {
return;
}
if(Globals.IS_SECURITY_ENABLED) {
AccessController.doPrivileged(new DateHeaderPrivilegedAction
(name, date, true));
} else {
response.addDateHeader(name, date);
}
}
Example 19
| Source File: Request.java From Tomcat7.0.67 with Apache License 2.0 | 4 votes |
|
/**
* Set the specified request attribute to the specified value.
*
* @param name Name of the request attribute to set
* @param value The associated value
*/
@Override
public void setAttribute(String name, Object value) {
// Name cannot be null
if (name == null) {
throw new IllegalArgumentException
(sm.getString("coyoteRequest.setAttribute.namenull"));
}
// Null value is the same as removeAttribute()
if (value == null) {
removeAttribute(name);
return;
}
// Special attributes
SpecialAttributeAdapter adapter = specialAttributes.get(name);
if (adapter != null) {
adapter.set(this, name, value);
return;
}
// Add or replace the specified attribute
// Do the security check before any updates are made
if (Globals.IS_SECURITY_ENABLED &&
name.equals(Globals.SENDFILE_FILENAME_ATTR)) {
// Use the canonical file name to avoid any possible symlink and
// relative path issues
String canonicalPath;
try {
canonicalPath = new File(value.toString()).getCanonicalPath();
} catch (IOException e) {
throw new SecurityException(sm.getString(
"coyoteRequest.sendfileNotCanonical", value), e);
}
// Sendfile is performed in Tomcat's security context so need to
// check if the web app is permitted to access the file while still
// in the web app's security context
System.getSecurityManager().checkRead(canonicalPath);
// Update the value so the canonical path is used
value = canonicalPath;
}
Object oldValue = attributes.put(name, value);
// Pass special attributes to the native layer
if (name.startsWith("org.apache.tomcat.")) {
coyoteRequest.setAttribute(name, value);
}
// Notify interested application event listeners
notifyAttributeAssigned(name, value, oldValue);
}
Example 20
| Source File: ContainerBase.java From Tomcat8-Source-Read with MIT License | 3 votes |
|
/**
* Add a new child Container to those associated with this Container,
* if supported. Prior to adding this Container to the set of children,
* the child's <code>setParent()</code> method must be called, with this
* Container as an argument. This method may thrown an
* <code>IllegalArgumentException</code> if this Container chooses not
* to be attached to the specified Container, in which case it is not added
*
* @param child New child Container to be added
*
* @exception IllegalArgumentException if this exception is thrown by
* the <code>setParent()</code> method of the child Container
* @exception IllegalArgumentException if the new child does not have
* a name unique from that of existing children of this Container
* @exception IllegalStateException if this Container does not support
* child Containers
*/
@Override
public void addChild(Container child) {
if (Globals.IS_SECURITY_ENABLED) {
PrivilegedAction<Void> dp =
new PrivilegedAddChild(child);
AccessController.doPrivileged(dp);
} else {
addChildInternal(child);
}
}
