glenn 01/06/22 13:11:02
Modified: catalina/src/share/org/apache/catalina/loader
WebappClassLoader.java
Log:
Add support for JndiPermission
Revision Changes Path
1.4 +21 -14
jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java
Index: WebappClassLoader.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- WebappClassLoader.java 2001/06/22 17:29:22 1.3
+++ WebappClassLoader.java 2001/06/22 20:11:01 1.4
@@ -1,7 +1,7 @@
/*
- * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java,v
1.3 2001/06/22 17:29:22 remm Exp $
- * $Revision: 1.3 $
- * $Date: 2001/06/22 17:29:22 $
+ * $Header:
/home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/loader/WebappClassLoader.java,v
1.4 2001/06/22 20:11:01 glenn Exp $
+ * $Revision: 1.4 $
+ * $Date: 2001/06/22 20:11:01 $
*
* ====================================================================
*
@@ -81,6 +81,7 @@
import java.security.AccessController;
import java.security.AccessControlContext;
import java.security.CodeSource;
+import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Policy;
import java.security.cert.Certificate;
@@ -100,6 +101,7 @@
import javax.naming.NamingEnumeration;
import javax.naming.NameClassPair;
+import org.apache.naming.JndiPermission;
import org.apache.naming.resources.ResourceAttributes;
import org.apache.naming.resources.Resource;
@@ -117,7 +119,7 @@
*
* @author Remy Maucherat
* @author Craig R. McClanahan
- * @version $Revision: 1.3 $ $Date: 2001/06/22 17:29:22 $
+ * @version $Revision: 1.4 $ $Date: 2001/06/22 20:11:01 $
*/
public class WebappClassLoader
extends URLClassLoader
@@ -274,10 +276,10 @@
/**
- * A list of read FilePermission's required if this loader
+ * A list of read File and Jndi Permission's required if this loader
* is for a web application context.
*/
- private ArrayList filePermissionList = new ArrayList();
+ private ArrayList permissionList = new ArrayList();
/**
@@ -366,20 +368,24 @@
/**
* If there is a Java SecurityManager create a read FilePermission
- * for the file directory path.
+ * or JndiPermission for the file directory path.
*
* @param path file directory path
*/
public void setPermissions(String path) {
if( securityManager != null ) {
- filePermissionList.add(new FilePermission(path + "-","read"));
+ if( path.startsWith("jndi:") || path.startsWith("jar:jndi:") ) {
+ permissionList.add(new JndiPermission(path + "*"));
+ } else {
+ permissionList.add(new FilePermission(path + "-","read"));
+ }
}
}
/**
- * If there is a Java SecurityManager add a read FilePermission
- * for URL.
+ * If there is a Java SecurityManager create a read FilePermission
+ * or JndiPermission for URL.
*
* @param url URL for a file or directory on local system
*/
@@ -1188,7 +1194,8 @@
/**
* Get the Permissions for a CodeSource. If this instance
* of WebappClassLoader is for a web application context,
- * add read FilePermissions for the base directory (if unpacked),
+ * add read FilePermission or JndiPermissions for the base
+ * directory (if unpacked),
* the context URL, and jar file resources.
*
* @param CodeSource where the code was loaded from
@@ -1207,10 +1214,10 @@
if ((pc = (PermissionCollection)loaderPC.get(codeUrl)) == null) {
pc = super.getPermissions(codeSource);
if (pc != null) {
- Iterator perms = filePermissionList.iterator();
+ Iterator perms = permissionList.iterator();
while (perms.hasNext()) {
- FilePermission fp = (FilePermission)perms.next();
- pc.add(fp);
+ Permission p = (Permission)perms.next();
+ pc.add(p);
}
loaderPC.put(codeUrl,pc);
}
