Mercurial > hg > jdk9-shenandoah > jdk
changeset 9749:2240dd072881
8031395: Enhance LDAP processing
Reviewed-by: vinnie, alanb, skoivu, ahgross
author | weijun |
---|---|
date | Thu, 09 Jan 2014 17:41:41 +0800 |
parents | eb6fe08babef |
children | c17a40abfd9e |
files | src/share/classes/com/sun/jndi/ldap/LdapBindingEnumeration.java src/share/classes/com/sun/jndi/ldap/LdapSearchEnumeration.java |
diffstat | 2 files changed, 32 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/src/share/classes/com/sun/jndi/ldap/LdapBindingEnumeration.java Fri Nov 15 11:07:04 2013 -0500 +++ b/src/share/classes/com/sun/jndi/ldap/LdapBindingEnumeration.java Thu Jan 09 17:41:41 2014 +0800 @@ -25,6 +25,10 @@ package com.sun.jndi.ldap; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; import java.util.Vector; import javax.naming.*; import javax.naming.directory.*; @@ -36,6 +40,8 @@ final class LdapBindingEnumeration extends AbstractLdapNamingEnumeration<Binding> { + private final AccessControlContext acc = AccessController.getContext(); + LdapBindingEnumeration(LdapCtx homeCtx, LdapResult answer, Name remain, Continuation cont) throws NamingException { @@ -52,7 +58,16 @@ if (attrs.get(Obj.JAVA_ATTRIBUTES[Obj.CLASSNAME]) != null) { // serialized object or object reference - obj = Obj.decodeObject(attrs); + try { + obj = AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { + @Override + public Object run() throws NamingException { + return Obj.decodeObject(attrs); + } + }, acc); + } catch (PrivilegedActionException e) { + throw (NamingException)e.getException(); + } } if (obj == null) { // DirContext object
--- a/src/share/classes/com/sun/jndi/ldap/LdapSearchEnumeration.java Fri Nov 15 11:07:04 2013 -0500 +++ b/src/share/classes/com/sun/jndi/ldap/LdapSearchEnumeration.java Thu Jan 09 17:41:41 2014 +0800 @@ -25,6 +25,10 @@ package com.sun.jndi.ldap; +import java.security.AccessControlContext; +import java.security.AccessController; +import java.security.PrivilegedActionException; +import java.security.PrivilegedExceptionAction; import java.util.Vector; import javax.naming.*; import javax.naming.directory.*; @@ -40,6 +44,8 @@ private Name startName; // prefix of names of search results private LdapCtx.SearchArgs searchArgs = null; + private final AccessControlContext acc = AccessController.getContext(); + LdapSearchEnumeration(LdapCtx homeCtx, LdapResult search_results, String starter, LdapCtx.SearchArgs args, Continuation cont) throws NamingException { @@ -112,8 +118,16 @@ if (attrs.get(Obj.JAVA_ATTRIBUTES[Obj.CLASSNAME]) != null) { // Entry contains Java-object attributes (ser/ref object) // serialized object or object reference - obj = Obj.decodeObject(attrs); - + try { + obj = AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { + @Override + public Object run() throws NamingException { + return Obj.decodeObject(attrs); + } + }, acc); + } catch (PrivilegedActionException e) { + throw (NamingException)e.getException(); + } } if (obj == null) { obj = new LdapCtx(homeCtx, dn);