SecurityUtilpublic final class SecurityUtil extends Object This utility class associates a Subject to the current
AccessControlContext . When a SecurityManager is
used, * the container will always associate the called thread with an
AccessControlContext * containing only the principal of the requested
Servlet/Filter.
This class uses reflection to invoke the invoke methods. |
Fields Summary |
---|
private static final int | INIT | private static final int | SERVICE | private static final int | DOFILTER | private static final int | DESTROY | private static final String | INIT_METHOD | private static final String | DOFILTER_METHOD | private static final String | SERVICE_METHOD | private static final String | DESTROY_METHOD | private static HashMap | objectCacheCache every object for which we are creating method on it. | private static org.apache.juli.logging.Log | log | private static String | PACKAGE | private static boolean | packageDefinitionEnabled | private static final org.apache.catalina.util.StringManager | smThe string resources for this package. |
Methods Summary |
---|
private static java.lang.reflect.Method | createMethodAndCacheIt(java.lang.reflect.Method[] methodsCache, java.lang.String methodName, java.lang.Object targetObject, java.lang.Class[] targetType)Create the method and cache it for further re-use.
if ( methodsCache == null){
methodsCache = new Method[3];
}
Method method =
targetObject.getClass().getMethod(methodName, targetType);
if (methodName.equalsIgnoreCase(INIT_METHOD)){
methodsCache[INIT] = method;
} else if (methodName.equalsIgnoreCase(DESTROY_METHOD)){
methodsCache[DESTROY] = method;
} else if (methodName.equalsIgnoreCase(SERVICE_METHOD)){
methodsCache[SERVICE] = method;
} else if (methodName.equalsIgnoreCase(DOFILTER_METHOD)){
methodsCache[DOFILTER] = method;
}
objectCache.put(targetObject, methodsCache );
return method;
| public static void | doAsPrivilege(java.lang.String methodName, javax.servlet.Servlet targetObject)Perform work as a particular Subject. Here the work
will be granted to a null subject.
doAsPrivilege(methodName, targetObject, null, null, null);
| public static void | doAsPrivilege(java.lang.String methodName, javax.servlet.Servlet targetObject, java.lang.Class[] targetType, java.lang.Object[] targetArguments)Perform work as a particular Subject. Here the work
will be granted to a null subject.
doAsPrivilege(methodName,
targetObject,
targetType,
targetArguments,
null);
| public static void | doAsPrivilege(java.lang.String methodName, javax.servlet.Servlet targetObject, java.lang.Class[] targetType, java.lang.Object[] targetArguments, java.security.Principal principal)Perform work as a particular Subject. Here the work
will be granted to a null subject.
Method method = null;
Method[] methodsCache = null;
if(objectCache.containsKey(targetObject)){
methodsCache = (Method[])objectCache.get(targetObject);
method = findMethod(methodsCache, methodName);
if (method == null){
method = createMethodAndCacheIt(methodsCache,
methodName,
targetObject,
targetType);
}
} else {
method = createMethodAndCacheIt(methodsCache,
methodName,
targetObject,
targetType);
}
execute(method, targetObject, targetArguments, principal);
| public static void | doAsPrivilege(java.lang.String methodName, javax.servlet.Filter targetObject)Perform work as a particular Subject. Here the work
will be granted to a null subject.
doAsPrivilege(methodName, targetObject, null, null);
| public static void | doAsPrivilege(java.lang.String methodName, javax.servlet.Filter targetObject, java.lang.Class[] targetType, java.lang.Object[] targetArguments)Perform work as a particular Subject. Here the work
will be granted to a null subject.
Method method = null;
Method[] methodsCache = null;
if(objectCache.containsKey(targetObject)){
methodsCache = (Method[])objectCache.get(targetObject);
method = findMethod(methodsCache, methodName);
if (method == null){
method = createMethodAndCacheIt(methodsCache,
methodName,
targetObject,
targetType);
}
} else {
method = createMethodAndCacheIt(methodsCache,
methodName,
targetObject,
targetType);
}
execute(method, targetObject, targetArguments, null);
| private static void | execute(java.lang.reflect.Method method, java.lang.Object targetObject, java.lang.Object[] targetArguments, java.security.Principal principal)Perform work as a particular Subject. Here the work
will be granted to a null subject.
try{
Subject subject = null;
PrivilegedExceptionAction pea = new PrivilegedExceptionAction(){
public Object run() throws Exception{
method.invoke(targetObject, targetArguments);
return null;
}
};
// The first argument is always the request object
if (targetArguments != null
&& targetArguments[0] instanceof HttpServletRequest){
HttpServletRequest request =
(HttpServletRequest)targetArguments[0];
boolean hasSubject = false;
HttpSession session = request.getSession(false);
if (session != null){
subject =
(Subject)session.getAttribute(Globals.SUBJECT_ATTR);
hasSubject = (subject != null);
}
if (subject == null){
subject = new Subject();
if (principal != null){
subject.getPrincipals().add(principal);
}
}
if (session != null && !hasSubject) {
session.setAttribute(Globals.SUBJECT_ATTR, subject);
}
}
Subject.doAsPrivileged(subject, pea, null);
} catch( PrivilegedActionException pe) {
Throwable e = ((InvocationTargetException)pe.getException())
.getTargetException();
if (log.isDebugEnabled()){
log.debug(sm.getString("SecurityUtil.doAsPrivilege"), e);
}
if (e instanceof UnavailableException)
throw (UnavailableException) e;
else if (e instanceof ServletException)
throw (ServletException) e;
else if (e instanceof IOException)
throw (IOException) e;
else if (e instanceof RuntimeException)
throw (RuntimeException) e;
else
throw new ServletException(e.getMessage(), e);
}
| private static java.lang.reflect.Method | findMethod(java.lang.reflect.Method[] methodsCache, java.lang.String methodName)Find a method stored within the cache.
if (methodName.equalsIgnoreCase(INIT_METHOD)
&& methodsCache[INIT] != null){
return methodsCache[INIT];
} else if (methodName.equalsIgnoreCase(DESTROY_METHOD)
&& methodsCache[DESTROY] != null){
return methodsCache[DESTROY];
} else if (methodName.equalsIgnoreCase(SERVICE_METHOD)
&& methodsCache[SERVICE] != null){
return methodsCache[SERVICE];
} else if (methodName.equalsIgnoreCase(DOFILTER_METHOD)
&& methodsCache[DOFILTER] != null){
return methodsCache[DOFILTER];
}
return null;
| public static boolean | isPackageProtectionEnabled()Return the SecurityManager only if Security is enabled AND
package protection mechanism is enabled.
if (packageDefinitionEnabled && Globals.IS_SECURITY_ENABLED){
return true;
}
return false;
| public static void | remove(java.lang.Object cachedObject)Remove the object from the cache.
objectCache.remove(cachedObject);
|
|