|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
package jdk.xml.internal; |
|
|
|
import java.io.File; |
|
import java.io.FileInputStream; |
|
import java.io.FileNotFoundException; |
|
import java.io.IOException; |
|
import java.io.InputStream; |
|
import java.net.URL; |
|
import java.security.AccessController; |
|
import java.security.CodeSource; |
|
import java.security.PrivilegedAction; |
|
import java.security.PrivilegedActionException; |
|
import java.security.PrivilegedExceptionAction; |
|
import java.text.MessageFormat; |
|
import java.util.Locale; |
|
import java.util.MissingResourceException; |
|
import java.util.Properties; |
|
import java.util.ResourceBundle; |
|
|
|
|
|
|
|
*/ |
|
public class SecuritySupport { |
|
public final static String NEWLINE = System.lineSeparator(); |
|
|
|
|
|
|
|
*/ |
|
static final Properties cacheProps = new Properties(); |
|
|
|
|
|
|
|
*/ |
|
static volatile boolean firstTime = true; |
|
|
|
private SecuritySupport() {} |
|
|
|
public static String getErrorMessage(Locale locale, String bundle, String key, |
|
Object[] arguments) { |
|
ResourceBundle rb; |
|
if (locale != null) { |
|
rb = ResourceBundle.getBundle(bundle,locale); |
|
} else { |
|
rb = ResourceBundle.getBundle(bundle); |
|
} |
|
|
|
String msg = rb.getString(key); |
|
if (arguments != null) { |
|
msg = MessageFormat.format(msg, arguments); |
|
} |
|
return msg; |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
@SuppressWarnings("removal") |
|
public static String getSystemProperty(final String propName) { |
|
return |
|
AccessController.doPrivileged( |
|
(PrivilegedAction<String>) () -> System.getProperty(propName)); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
public static String getSystemProperty(final String propName, String defValue) { |
|
String value = getSystemProperty(propName); |
|
if (value == null) { |
|
return defValue; |
|
} |
|
return value; |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
public static <T> T getSystemProperty(Class<T> type, String propName, String defValue) { |
|
String value = getSystemProperty(propName); |
|
if (value == null) { |
|
value = defValue; |
|
} |
|
if (Integer.class.isAssignableFrom(type)) { |
|
return type.cast(Integer.parseInt(value)); |
|
} else if (Boolean.class.isAssignableFrom(type)) { |
|
return type.cast(Boolean.parseBoolean(value)); |
|
} |
|
return type.cast(value); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
public static <T> T getJAXPSystemProperty(Class<T> type, String propName, String defValue) { |
|
String value = getJAXPSystemProperty(propName); |
|
if (value == null) { |
|
value = defValue; |
|
} |
|
if (Integer.class.isAssignableFrom(type)) { |
|
return type.cast(Integer.parseInt(value)); |
|
} else if (Boolean.class.isAssignableFrom(type)) { |
|
return type.cast(Boolean.parseBoolean(value)); |
|
} |
|
return type.cast(value); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
public static String getJAXPSystemProperty(String propName) { |
|
String value = getSystemProperty(propName); |
|
if (value == null) { |
|
value = readJAXPProperty(propName); |
|
} |
|
return value; |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
public static String readJAXPProperty(String propName) { |
|
String value = null; |
|
InputStream is = null; |
|
try { |
|
if (firstTime) { |
|
synchronized (cacheProps) { |
|
if (firstTime) { |
|
String configFile = getSystemProperty("java.home") + File.separator |
|
+ "conf" + File.separator + "jaxp.properties"; |
|
File f = new File(configFile); |
|
if (isFileExists(f)) { |
|
is = getFileInputStream(f); |
|
cacheProps.load(is); |
|
} |
|
firstTime = false; |
|
} |
|
} |
|
} |
|
value = cacheProps.getProperty(propName); |
|
|
|
} catch (IOException ex) { |
|
} finally { |
|
if (is != null) { |
|
try { |
|
is.close(); |
|
} catch (IOException ex) {} |
|
} |
|
} |
|
|
|
return value; |
|
} |
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
@SuppressWarnings("removal") |
|
public static boolean isDirectory(final File f) { |
|
return (AccessController.doPrivileged((PrivilegedAction<Boolean>) () |
|
-> f.isDirectory())); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
@SuppressWarnings("removal") |
|
public static boolean isFileExists(final File f) { |
|
return (AccessController.doPrivileged((PrivilegedAction<Boolean>) () |
|
-> f.exists())); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
@SuppressWarnings("removal") |
|
public static FileInputStream getFileInputStream(final File file) |
|
throws FileNotFoundException { |
|
try { |
|
return AccessController.doPrivileged((PrivilegedExceptionAction<FileInputStream>) () |
|
-> new FileInputStream(file)); |
|
} catch (PrivilegedActionException e) { |
|
throw (FileNotFoundException) e.getException(); |
|
} |
|
} |
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
@SuppressWarnings("removal") |
|
public static InputStream getResourceAsStream(final String name) { |
|
return AccessController.doPrivileged((PrivilegedAction<InputStream>) () -> |
|
SecuritySupport.class.getResourceAsStream("/"+name)); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
public static ResourceBundle getResourceBundle(String bundle) { |
|
return getResourceBundle(bundle, Locale.getDefault()); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
@SuppressWarnings("removal") |
|
public static ResourceBundle getResourceBundle(final String bundle, final Locale locale) { |
|
return AccessController.doPrivileged((PrivilegedAction<ResourceBundle>) () -> { |
|
try { |
|
return ResourceBundle.getBundle(bundle, locale); |
|
} catch (MissingResourceException e) { |
|
try { |
|
return ResourceBundle.getBundle(bundle, new Locale("en", "US")); |
|
} catch (MissingResourceException e2) { |
|
throw new MissingResourceException( |
|
"Could not load any resource bundle by " + bundle, bundle, ""); |
|
} |
|
} |
|
}); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
@SuppressWarnings("removal") |
|
public static boolean doesFileExist(final File f) { |
|
return (AccessController.doPrivileged((PrivilegedAction<Boolean>) () -> f.exists())); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
@SuppressWarnings("removal") |
|
static long getLastModified(final File f) { |
|
return (AccessController.doPrivileged((PrivilegedAction<Long>) () -> f.lastModified())); |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
public static String sanitizePath(String uri) { |
|
if (uri == null) { |
|
return ""; |
|
} |
|
int i = uri.lastIndexOf("/"); |
|
if (i > 0) { |
|
return uri.substring(i+1, uri.length()); |
|
} |
|
return ""; |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
public static String checkAccess(String systemId, String allowedProtocols, |
|
String accessAny) throws IOException { |
|
if (systemId == null || (allowedProtocols != null && |
|
allowedProtocols.equalsIgnoreCase(accessAny))) { |
|
return null; |
|
} |
|
|
|
String protocol; |
|
if (!systemId.contains(":")) { |
|
protocol = "file"; |
|
} else { |
|
URL url = new URL(systemId); |
|
protocol = url.getProtocol(); |
|
if (protocol.equalsIgnoreCase("jar")) { |
|
String path = url.getPath(); |
|
protocol = path.substring(0, path.indexOf(":")); |
|
} else if (protocol.equalsIgnoreCase("jrt")) { |
|
|
|
protocol = "file"; |
|
} |
|
} |
|
|
|
if (isProtocolAllowed(protocol, allowedProtocols)) { |
|
|
|
return null; |
|
} else { |
|
return protocol; |
|
} |
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
private static boolean isProtocolAllowed(String protocol, String allowedProtocols) { |
|
if (allowedProtocols == null) { |
|
return false; |
|
} |
|
String temp[] = allowedProtocols.split(","); |
|
for (String t : temp) { |
|
t = t.trim(); |
|
if (t.equalsIgnoreCase(protocol)) { |
|
return true; |
|
} |
|
} |
|
return false; |
|
} |
|
|
|
@SuppressWarnings("removal") |
|
public static ClassLoader getContextClassLoader() { |
|
return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> { |
|
ClassLoader cl = Thread.currentThread().getContextClassLoader(); |
|
if (cl == null) |
|
cl = ClassLoader.getSystemClassLoader(); |
|
return cl; |
|
}); |
|
} |
|
|
|
|
|
@SuppressWarnings("removal") |
|
public static ClassLoader getSystemClassLoader() { |
|
return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> { |
|
ClassLoader cl = null; |
|
try { |
|
cl = ClassLoader.getSystemClassLoader(); |
|
} catch (SecurityException ex) { |
|
} |
|
return cl; |
|
}); |
|
} |
|
|
|
@SuppressWarnings("removal") |
|
public static ClassLoader getParentClassLoader(final ClassLoader cl) { |
|
return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) () -> { |
|
ClassLoader parent = null; |
|
try { |
|
parent = cl.getParent(); |
|
} catch (SecurityException ex) { |
|
} |
|
|
|
// eliminate loops in case of the boot |
|
|
|
return (parent == cl) ? null : parent; |
|
}); |
|
} |
|
|
|
|
|
|
|
@SuppressWarnings("removal") |
|
public static String getClassSource(Class<?> cls) { |
|
return AccessController.doPrivileged((PrivilegedAction<String>) () -> { |
|
CodeSource cs = cls.getProtectionDomain().getCodeSource(); |
|
if (cs != null) { |
|
URL loc = cs.getLocation(); |
|
return loc != null ? loc.toString() : "(no location)"; |
|
} else { |
|
return "(no code source)"; |
|
} |
|
}); |
|
} |
|
|
|
// ---------------- For SAX ---------------------- |
|
|
|
|
|
|
|
|
|
|
|
*/ |
|
@SuppressWarnings("removal") |
|
public static ClassLoader getClassLoader() throws SecurityException{ |
|
return AccessController.doPrivileged((PrivilegedAction<ClassLoader>)() -> { |
|
ClassLoader cl = Thread.currentThread().getContextClassLoader(); |
|
if (cl == null) { |
|
cl = ClassLoader.getSystemClassLoader(); |
|
} |
|
|
|
return cl; |
|
}); |
|
} |
|
|
|
@SuppressWarnings("removal") |
|
public static InputStream getResourceAsStream(final ClassLoader cl, final String name) |
|
{ |
|
return AccessController.doPrivileged((PrivilegedAction<InputStream>) () -> { |
|
InputStream ris; |
|
if (cl == null) { |
|
ris = SecuritySupport.class.getResourceAsStream(name); |
|
} else { |
|
ris = cl.getResourceAsStream(name); |
|
} |
|
return ris; |
|
}); |
|
} |
|
} |