jfarcand 2004/11/18 14:13:36
Modified: catalina/src/share/org/apache/catalina/core Tag: TOMCAT_5_0
ApplicationContextFacade.java
ApplicationDispatcher.java
ApplicationFilterChain.java StandardWrapper.java
catalina/src/share/org/apache/catalina/security Tag:
TOMCAT_5_0 SecurityUtil.java
catalina/src/share/org/apache/catalina/session Tag:
TOMCAT_5_0 PersistentManagerBase.java
StandardManager.java StandardSession.java
Log:
When the package protection is not used, do not create the doPrivileged
objects so we don't suffer the performance hit (15% faster with trade2 and this
change). Also fixed a memory leak when security manager is turned on.
Revision Changes Path
No revision
No revision
1.10.2.3 +32 -25
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationContextFacade.java
Index: ApplicationContextFacade.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationContextFacade.java,v
retrieving revision 1.10.2.2
retrieving revision 1.10.2.3
diff -u -r1.10.2.2 -r1.10.2.3
--- ApplicationContextFacade.java 1 Oct 2004 01:10:17 -0000 1.10.2.2
+++ ApplicationContextFacade.java 18 Nov 2004 22:13:36 -0000 1.10.2.3
@@ -35,6 +35,8 @@
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
+import org.apache.catalina.security.SecurityUtil;
+
/**
* Facade object which masks the internal <code>ApplicationContext</code>
@@ -118,7 +120,7 @@
public ServletContext getContext(String uripath) {
ServletContext theContext = null;
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
theContext = (ServletContext)
doPrivileged("getContext", new Object[]{uripath});
} else {
@@ -143,7 +145,7 @@
public String getMimeType(String file) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (String)doPrivileged("getMimeType", new Object[]{file});
} else {
return context.getMimeType(file);
@@ -152,7 +154,7 @@
public Set getResourcePaths(String path) {
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
return (Set)doPrivileged("getResourcePaths", new Object[]{path});
} else {
return context.getResourcePaths(path);
@@ -179,7 +181,7 @@
public InputStream getResourceAsStream(String path) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (InputStream) doPrivileged("getResourceAsStream",
new Object[]{path});
} else {
@@ -189,7 +191,7 @@
public RequestDispatcher getRequestDispatcher(final String path) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (RequestDispatcher) doPrivileged("getRequestDispatcher",
new Object[]{path});
} else {
@@ -199,7 +201,7 @@
public RequestDispatcher getNamedDispatcher(String name) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (RequestDispatcher) doPrivileged("getNamedDispatcher",
new Object[]{name});
} else {
@@ -210,7 +212,7 @@
public Servlet getServlet(String name)
throws ServletException {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
try {
return (Servlet) invokeMethod(context, "getServlet",
new Object[]{name});
@@ -227,7 +229,7 @@
public Enumeration getServlets() {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (Enumeration) doPrivileged("getServlets", null);
} else {
return context.getServlets();
@@ -236,7 +238,7 @@
public Enumeration getServletNames() {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (Enumeration) doPrivileged("getServletNames", null);
} else {
return context.getServletNames();
@@ -245,7 +247,7 @@
public void log(String msg) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
doPrivileged("log", new Object[]{msg} );
} else {
context.log(msg);
@@ -254,7 +256,7 @@
public void log(Exception exception, String msg) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
doPrivileged("log", new Class[]{Exception.class, String.class},
new Object[]{exception,msg});
} else {
@@ -264,7 +266,7 @@
public void log(String message, Throwable throwable) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
doPrivileged("log", new Class[]{String.class, Throwable.class},
new Object[]{message, throwable});
} else {
@@ -274,7 +276,7 @@
public String getRealPath(String path) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (String) doPrivileged("getRealPath", new Object[]{path});
} else {
return context.getRealPath(path);
@@ -283,7 +285,7 @@
public String getServerInfo() {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (String) doPrivileged("getServerInfo", null);
} else {
return context.getServerInfo();
@@ -292,7 +294,7 @@
public String getInitParameter(String name) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (String) doPrivileged("getInitParameter",
new Object[]{name});
} else {
@@ -302,7 +304,7 @@
public Enumeration getInitParameterNames() {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (Enumeration) doPrivileged("getInitParameterNames", null);
} else {
return context.getInitParameterNames();
@@ -311,7 +313,7 @@
public Object getAttribute(String name) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return doPrivileged("getAttribute", new Object[]{name});
} else {
return context.getAttribute(name);
@@ -320,7 +322,7 @@
public Enumeration getAttributeNames() {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (Enumeration) doPrivileged("getAttributeNames", null);
} else {
return context.getAttributeNames();
@@ -329,7 +331,7 @@
public void setAttribute(String name, Object object) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
doPrivileged("setAttribute", new Object[]{name,object});
} else {
context.setAttribute(name, object);
@@ -338,7 +340,7 @@
public void removeAttribute(String name) {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
doPrivileged("removeAttribute", new Object[]{name});
} else {
context.removeAttribute(name);
@@ -347,7 +349,7 @@
public String getServletContextName() {
- if (System.getSecurityManager() != null) {
+ if (SecurityUtil.isPackageProtectionEnabled()) {
return (String) doPrivileged("getServletContextName", null);
} else {
return context.getServletContextName();
@@ -401,7 +403,7 @@
*/
private Object invokeMethod(ApplicationContext appContext,
final String methodName,
- final Object[] params)
+ Object[] params)
throws Throwable{
try{
@@ -416,6 +418,8 @@
} catch (Exception ex){
handleException(ex, methodName);
return null;
+ } finally {
+ params = null;
}
}
@@ -428,7 +432,7 @@
*/
private Object doPrivileged(final String methodName,
final Class[] clazz,
- final Object[] params){
+ Object[] params){
try{
Method method = context.getClass()
@@ -441,6 +445,8 @@
throw new RuntimeException(t.getMessage());
}
return null;
+ } finally {
+ params = null;
}
}
@@ -459,7 +465,7 @@
IllegalAccessException,
InvocationTargetException {
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
return AccessController.doPrivileged(new
PrivilegedExceptionAction(){
public Object run() throws IllegalAccessException,
InvocationTargetException{
return method.invoke(context, params);
@@ -472,6 +478,7 @@
/**
+ *
* Throw the real exception.
* @param ex The current exception
*/
1.34.2.2 +2 -2
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationDispatcher.java
Index: ApplicationDispatcher.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationDispatcher.java,v
retrieving revision 1.34.2.1
retrieving revision 1.34.2.2
diff -u -r1.34.2.1 -r1.34.2.2
--- ApplicationDispatcher.java 28 Sep 2004 13:23:11 -0000 1.34.2.1
+++ ApplicationDispatcher.java 18 Nov 2004 22:13:36 -0000 1.34.2.2
@@ -53,7 +53,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-
+import org.apache.catalina.security.SecurityUtil;
/**
* Standard implementation of <code>RequestDispatcher</code> that allows a
* request to be forwarded to a different resource to create the ultimate
1.10.2.3 +23 -8
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java
Index: ApplicationFilterChain.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/ApplicationFilterChain.java,v
retrieving revision 1.10.2.2
retrieving revision 1.10.2.3
diff -u -r1.10.2.2 -r1.10.2.3
--- ApplicationFilterChain.java 1 Oct 2004 01:10:17 -0000 1.10.2.2
+++ ApplicationFilterChain.java 18 Nov 2004 22:13:36 -0000 1.10.2.3
@@ -111,6 +111,22 @@
*/
private InstanceSupport support = null;
+
+ /**
+ * Static class array used when the SecurityManager is turned on and
+ * <code>doFilter</code is invoked.
+ */
+ private static Class[] classType = new Class[]{ServletRequest.class,
+ ServletResponse.class,
+ FilterChain.class};
+
+ /**
+ * Static class array used when the SecurityManager is turned on and
+ * <code>service</code is invoked.
+ */
+ private static Class[] classTypeUsedInService = new Class[]{
+
ServletRequest.class,
+
ServletResponse.class};
// ---------------------------------------------------- FilterChain
Methods
@@ -176,12 +192,12 @@
final ServletResponse res = response;
Principal principal =
((HttpServletRequest) req).getUserPrincipal();
- Class[] classType = new Class[]{ServletRequest.class,
- ServletResponse.class,
- FilterChain.class};
+
Object[] args = new Object[]{req, res, this};
SecurityUtil.doAsPrivilege
("doFilter", filter, classType, args);
+
+ args = null;
} else {
filter.doFilter(request, response, this);
}
@@ -225,14 +241,13 @@
final ServletResponse res = response;
Principal principal =
((HttpServletRequest) req).getUserPrincipal();
- Class[] classType = new Class[]{ServletRequest.class,
- ServletResponse.class};
Object[] args = new Object[]{req, res};
SecurityUtil.doAsPrivilege("service",
servlet,
- classType,
+ classTypeUsedInService,
args,
- principal);
+ principal);
+ args = null;
} else {
servlet.service((HttpServletRequest) request,
(HttpServletResponse) response);
1.43.2.3 +21 -7
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardWrapper.java
Index: StandardWrapper.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardWrapper.java,v
retrieving revision 1.43.2.2
retrieving revision 1.43.2.3
diff -u -r1.43.2.2 -r1.43.2.3
--- StandardWrapper.java 1 Oct 2004 01:10:17 -0000 1.43.2.2
+++ StandardWrapper.java 18 Nov 2004 22:13:36 -0000 1.43.2.3
@@ -239,7 +239,21 @@
private StandardWrapperValve swValve;
private long loadTime=0;
private int classLoadTime=0;
-
+
+ /**
+ * Static class array used when the SecurityManager is turned on and
+ * <code>Servlet.init</code> is invoked.
+ */
+ private static Class[] classType = new Class[]{ServletConfig.class};
+
+
+ /**
+ * Static class array used when the SecurityManager is turned on and
+ * <code>Servlet.service</code> is invoked.
+ */
+ private static Class[] classTypeUsedInService = new Class[]{
+
ServletRequest.class,
+
ServletResponse.class};
// -------------------------------------------------------------
Properties
@@ -936,7 +950,7 @@
// Load the specified servlet class from the appropriate class
loader
Class classClass = null;
try {
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
final ClassLoader fclassLoader = classLoader;
final String factualClass = actualClass;
try{
@@ -1019,12 +1033,13 @@
servlet);
if( System.getSecurityManager() != null) {
- Class[] classType = new Class[]{ServletConfig.class};
+
Object[] args = new Object[]{((ServletConfig)facade)};
SecurityUtil.doAsPrivilege("init",
servlet,
classType,
args);
+ args = null;
} else {
servlet.init(facade);
}
@@ -1038,13 +1053,12 @@
DummyResponse res = new DummyResponse();
if( System.getSecurityManager() != null) {
- Class[] classType = new Class[]{ServletRequest.class,
-
ServletResponse.class};
Object[] args = new Object[]{req, res};
SecurityUtil.doAsPrivilege("service",
servlet,
- classType,
+ classTypeUsedInService,
args);
+ args = null;
} else {
servlet.service(req, res);
}
No revision
No revision
1.11.2.2 +18 -0
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityUtil.java
Index: SecurityUtil.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/security/SecurityUtil.java,v
retrieving revision 1.11.2.1
retrieving revision 1.11.2.2
diff -u -r1.11.2.1 -r1.11.2.2
--- SecurityUtil.java 20 Aug 2004 14:28:38 -0000 1.11.2.1
+++ SecurityUtil.java 18 Nov 2004 22:13:36 -0000 1.11.2.2
@@ -68,6 +68,10 @@
private static String PACKAGE = "org.apache.catalina.security";
+ private static boolean packageDefinitionEnabled =
+ (System.getProperty("package.definition") == null &&
+ System.getProperty("package.access") == null) ? false : true;
+
/**
* The string resources for this package.
*/
@@ -360,4 +364,18 @@
public static void remove(Object cachedObject){
objectCache.remove(cachedObject);
}
+
+
+ /**
+ * Return the <code>SecurityManager</code> only if Security is enabled
AND
+ * package protection mechanism is enabled.
+ */
+ public static boolean isPackageProtectionEnabled(){
+ if (packageDefinitionEnabled && System.getSecurityManager() !=
null){
+ return true;
+ }
+ return false;
+ }
+
+
}
No revision
No revision
1.19.2.1 +11 -9
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/PersistentManagerBase.java
Index: PersistentManagerBase.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/PersistentManagerBase.java,v
retrieving revision 1.19
retrieving revision 1.19.2.1
diff -u -r1.19 -r1.19.2.1
--- PersistentManagerBase.java 26 May 2004 16:14:04 -0000 1.19
+++ PersistentManagerBase.java 18 Nov 2004 22:13:36 -0000 1.19.2.1
@@ -34,7 +34,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-
+import org.apache.catalina.security.SecurityUtil;
/**
* Extends the <b>ManagerBase</b> class to implement most of the
* functionality required by a Manager which supports any kind of
@@ -556,7 +556,7 @@
return;
try {
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
try{
AccessController.doPrivileged(new
PrivilegedStoreClear());
}catch(PrivilegedActionException ex){
@@ -661,9 +661,10 @@
String[] ids = null;
try {
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
try{
- ids = (String[])AccessController.doPrivileged(new
PrivilegedStoreKeys());
+ ids = (String[])
+ AccessController.doPrivileged(new
PrivilegedStoreKeys());
}catch(PrivilegedActionException ex){
Exception exception = ex.getException();
log.error("Exception clearing the Store: " + exception);
@@ -718,7 +719,7 @@
*/
protected void removeSession(String id){
try {
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
try{
AccessController.doPrivileged(new
PrivilegedStoreRemove(id));
}catch(PrivilegedActionException ex){
@@ -785,9 +786,10 @@
Session session = null;
try {
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
try{
- session = (Session) AccessController.doPrivileged(new
PrivilegedStoreLoad(id));
+ session = (Session)
+ AccessController.doPrivileged(new
PrivilegedStoreLoad(id));
}catch(PrivilegedActionException ex){
Exception exception = ex.getException();
log.error("Exception clearing the Store: " + exception);
@@ -865,7 +867,7 @@
}
try {
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
try{
AccessController.doPrivileged(new
PrivilegedStoreSave(session));
}catch(PrivilegedActionException ex){
1.22.2.1 +4 -4
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardManager.java
Index: StandardManager.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardManager.java,v
retrieving revision 1.22
retrieving revision 1.22.2.1
diff -u -r1.22 -r1.22.2.1
--- StandardManager.java 26 May 2004 16:14:10 -0000 1.22
+++ StandardManager.java 18 Nov 2004 22:13:36 -0000 1.22.2.1
@@ -45,7 +45,7 @@
import org.apache.catalina.util.CustomObjectInputStream;
import org.apache.catalina.util.LifecycleSupport;
-
+import org.apache.catalina.security.SecurityUtil;
/**
* Standard implementation of the <b>Manager</b> interface that provides
* simple session persistence across restarts of this component (such as
@@ -325,7 +325,7 @@
* @exception IOException if an input/output error occurs
*/
public void load() throws ClassNotFoundException, IOException {
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
try{
AccessController.doPrivileged( new PrivilegedDoLoad() );
} catch (PrivilegedActionException ex){
@@ -469,7 +469,7 @@
* @exception IOException if an input/output error occurs
*/
public void unload() throws IOException {
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
try{
AccessController.doPrivileged( new PrivilegedDoUnload() );
} catch (PrivilegedActionException ex){
1.44.2.2 +3 -3
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardSession.java
Index: StandardSession.java
===================================================================
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/session/StandardSession.java,v
retrieving revision 1.44.2.1
retrieving revision 1.44.2.2
diff -u -r1.44.2.1 -r1.44.2.2
--- StandardSession.java 28 Aug 2004 12:54:08 -0000 1.44.2.1
+++ StandardSession.java 18 Nov 2004 22:13:36 -0000 1.44.2.2
@@ -52,7 +52,7 @@
import org.apache.catalina.util.Enumerator;
import org.apache.catalina.util.StringManager;
-
+import org.apache.catalina.security.SecurityUtil;
/**
* Standard implementation of the <b>Session</b> interface. This object is
* serializable, so that it can be stored in persistent storage or
transferred
@@ -529,7 +529,7 @@
public HttpSession getSession() {
if (facade == null){
- if (System.getSecurityManager() != null){
+ if (SecurityUtil.isPackageProtectionEnabled()){
final StandardSession fsession = this;
facade =
(StandardSessionFacade)AccessController.doPrivileged(new PrivilegedAction(){
public Object run(){
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
