# HG changeset patch # User mkos # Date 1361396524 -3600 # Node ID d04602077b14a57717a6aac302afbcb3732afe2a # Parent 7dc186458b3ec06dc5fef4fb17aab43e1fcd4b78 8005432: Update access to JAX-WS Summary: newly restricted the whole package com.sun.xml.internal; fix reviewed also by Alexander Fomin Reviewed-by: mullan, skoivu diff -r 7dc186458b3e -r d04602077b14 sources/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/ModelBuilder.java --- a/sources/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/ModelBuilder.java Fri Feb 01 15:56:12 2013 +0100 +++ b/sources/jaxws_src/src/com/sun/xml/internal/bind/v2/model/impl/ModelBuilder.java Wed Feb 20 22:42:04 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -235,7 +235,7 @@ String pkg = nav.getPackageName(ci.getClazz()); if(!registries.containsKey(pkg)) { // insert the package's object factory - C c = nav.findClass(pkg + ".ObjectFactory",ci.getClazz()); + C c = loadObjectFactory(ci, pkg); if(c!=null) addRegistry(c,(Locatable)p); } @@ -264,6 +264,15 @@ return r; } + private C loadObjectFactory(ClassInfoImpl ci, String pkg) { + try { + return nav.findClass(pkg + ".ObjectFactory", ci.getClazz()); + } catch (SecurityException ignored) { + // treat SecurityException in same way as ClassNotFoundException in this case + return null; + } + } + /** * Checks the uniqueness of the type name. */ diff -r 7dc186458b3e -r d04602077b14 sources/jaxws_src/src/com/sun/xml/internal/ws/client/WSServiceDelegate.java --- a/sources/jaxws_src/src/com/sun/xml/internal/ws/client/WSServiceDelegate.java Fri Feb 01 15:56:12 2013 +0100 +++ b/sources/jaxws_src/src/com/sun/xml/internal/ws/client/WSServiceDelegate.java Wed Feb 20 22:42:04 2013 +0100 
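Review bot: In the new `loadObjectFactory` (ModelBuilder.java, hunk at +264), the `SecurityException` is discarded without a trace, so a denied package access becomes indistinguishable from a package that has no ObjectFactory. The caller then skips `addRegistry`, and any failure would likely surface later as an unrelated binding problem. I would keep the `return null` but record the denial at a low level, e.g. `logger.log(Level.FINE, "Unable to load " + pkg + ".ObjectFactory", e);` (no logger field is visible in this hunk, so one may need to be added). The inline comment could also state that the exception is expected when `pkg` falls under a package.access restriction.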
@@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -22,7 +22,6 @@ * or visit www.oracle.com if you need additional information or have any * questions. */ - package com.sun.xml.internal.ws.client; import com.sun.istack.internal.NotNull; @@ -30,13 +29,11 @@ import com.sun.xml.internal.ws.Closeable; import com.sun.xml.internal.ws.api.BindingID; import com.sun.xml.internal.ws.api.EndpointAddress; -import com.sun.xml.internal.ws.api.WSBinding; import com.sun.xml.internal.ws.api.WSService; import com.sun.xml.internal.ws.api.addressing.WSEndpointReference; import com.sun.xml.internal.ws.api.client.ServiceInterceptor; import com.sun.xml.internal.ws.api.client.ServiceInterceptorFactory; -import com.sun.xml.internal.ws.api.model.SEIModel; -import com.sun.xml.internal.ws.api.pipe.*; +import com.sun.xml.internal.ws.api.pipe.Stubs; import com.sun.xml.internal.ws.api.server.Container; import com.sun.xml.internal.ws.api.server.ContainerResolver; import com.sun.xml.internal.ws.api.wsdl.parser.WSDLParserExtension; @@ -45,8 +42,8 @@ import com.sun.xml.internal.ws.client.HandlerConfigurator.AnnotationConfigurator; import com.sun.xml.internal.ws.client.HandlerConfigurator.HandlerResolverImpl; import com.sun.xml.internal.ws.client.sei.SEIStub; +import com.sun.xml.internal.ws.developer.UsesJAXBContextFeature; import com.sun.xml.internal.ws.developer.WSBindingProvider; -import com.sun.xml.internal.ws.developer.UsesJAXBContextFeature; import com.sun.xml.internal.ws.model.AbstractSEIModelImpl; import com.sun.xml.internal.ws.model.RuntimeModeler; import com.sun.xml.internal.ws.model.SOAPSEIModel; 
@@ -59,7 +56,6 @@ import com.sun.xml.internal.ws.util.JAXWSUtils; import com.sun.xml.internal.ws.util.ServiceConfigurationError; import com.sun.xml.internal.ws.util.ServiceFinder; -import static com.sun.xml.internal.ws.util.xml.XmlUtil.createDefaultCatalogResolver; import com.sun.xml.internal.ws.wsdl.parser.RuntimeWSDLParser; import org.xml.sax.SAXException; @@ -74,16 +70,17 @@ import javax.xml.ws.handler.HandlerResolver; import javax.xml.ws.soap.AddressingFeature; import java.io.IOException; +import java.lang.RuntimePermission; import java.lang.reflect.Proxy; import java.net.MalformedURLException; import java.net.URL; -import java.security.AccessController; -import java.security.PrivilegedAction; +import java.security.*; import java.util.*; import java.util.concurrent.Executor; -import java.util.concurrent.Executors; import java.util.concurrent.ThreadFactory; +import static com.sun.xml.internal.ws.util.xml.XmlUtil.createDefaultCatalogResolver; + /** * Service objects provide the client view of a Web service. * @@ -578,7 +575,7 @@ } } - private T createEndpointIFBaseProxy(@Nullable WSEndpointReference epr,QName portName, Class portInterface, + private T createEndpointIFBaseProxy(@Nullable WSEndpointReference epr,QName portName, final Class portInterface, WebServiceFeature[] webServiceFeatures, SEIPortInfo eif) { //fail if service doesnt have WSDL if (wsdlService == null) 
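Review bot: In the import hunk at +70 of WSServiceDelegate.java, `import java.lang.RuntimePermission;` is redundant because java.lang is imported implicitly, and `import java.security.*;` replaces two explicit imports with a wildcard. In a class that builds its own `AccessControlContext`, it helps a reader to see exactly which security types are in play. I would drop the java.lang import and list the types the new code uses: `AccessControlContext`, `AccessController`, `PermissionCollection`, `PrivilegedAction`, `ProtectionDomain`.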
@@ -592,14 +589,37 @@ BindingImpl binding = eif.createBinding(webServiceFeatures,portInterface); SEIStub pis = new SEIStub(eif, binding, eif.model, epr); - T proxy = portInterface.cast(Proxy.newProxyInstance(portInterface.getClassLoader(), - new Class[]{portInterface, WSBindingProvider.class, Closeable.class}, pis)); + T proxy = createProxy(portInterface, pis); + if (serviceInterceptor != null) { serviceInterceptor.postCreateProxy((WSBindingProvider)proxy, portInterface); } return proxy; } + private T createProxy(final Class portInterface, final SEIStub pis) { + + // accessClassInPackage privilege needs to be granted ... + RuntimePermission perm = new RuntimePermission("accessClassInPackage.com.sun." + "xml.internal.*"); + PermissionCollection perms = perm.newPermissionCollection(); + perms.add(perm); + + return AccessController.doPrivileged( + new PrivilegedAction() { + @Override + public T run() { + Object proxy = Proxy.newProxyInstance(portInterface.getClassLoader(), + new Class[]{portInterface, WSBindingProvider.class, Closeable.class}, pis); + return portInterface.cast(proxy); + } + }, + new AccessControlContext( + new ProtectionDomain[]{ + new ProtectionDomain(null, perms) + }) + ); + } + /** * Lists up the port names in WSDL. For error diagnostics. */ diff -r 7dc186458b3e -r d04602077b14 sources/jaxws_src/src/javax/xml/soap/FactoryFinder.java --- a/sources/jaxws_src/src/javax/xml/soap/FactoryFinder.java Fri Feb 01 15:56:12 2013 +0100 +++ b/sources/jaxws_src/src/javax/xml/soap/FactoryFinder.java Wed Feb 20 22:42:04 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it 
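Review bot: In `createProxy`, the only comment (`// accessClassInPackage privilege needs to be granted ...`) trails off without explaining why the action runs under a hand-built `AccessControlContext` or why the permission name is assembled from two literals. I would replace it with a comment saying that the proxy creation is limited to the single permission `accessClassInPackage.com.sun.xml.internal.*` by the supplied context, instead of running with this class's full privileges. It should also say why the string is split; presumably this keeps a build-time package rename from rewriting it, but that should be confirmed and written down. Separately, `portInterface.getClassLoader()` is evaluated inside `run()`; resolving it into a final local before the `doPrivileged` call would leave `Proxy.newProxyInstance` as the only operation executed under the narrowed context.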
@@ -43,20 +43,12 @@ throws SOAPException { try { - Class spiClass; - if (classLoader == null) { - spiClass = Class.forName(className); - } else { - spiClass = classLoader.loadClass(className); - } + Class spiClass = safeLoadClass(className, classLoader); return spiClass.newInstance(); } catch (ClassNotFoundException x) { - throw new SOAPException( - "Provider " + className + " not found", x); + throw new SOAPException("Provider " + className + " not found", x); } catch (Exception x) { - throw new SOAPException( - "Provider " + className + " could not be instantiated: " + x, - x); + throw new SOAPException("Provider " + className + " could not be instantiated: " + x, x); } } @@ -73,11 +65,65 @@ * a system property * @exception SOAPException if there is a SOAP error */ - static Object find(String factId) + static Object find(String factoryId) + throws SOAPException + { + return find(factoryId, null, false); + } + + /** + * Finds the implementation Class object for the given + * factory name, or if that fails, finds the Class object + * for the given fallback class name. The arguments supplied must be + * used in order. If using the first argument is successful, the second + * one will not be used. + *
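Review bot: In `newInstance` (FactoryFinder.java, hunk at +43), a `SecurityException` rethrown by `safeLoadClass` for a non-default class name falls into the existing `catch (Exception x)` and is reported as "could not be instantiated". The cause is preserved, but the message hides that the provider was rejected by a package-access check rather than failing in its constructor. A dedicated clause ahead of the generic one would keep the two cases apart, e.g. `} catch (SecurityException x) { throw new SOAPException("Provider " + className + " is not accessible", x);` (the message wording is only a suggestion). The start of the method lies outside the hunk.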

+ * This method is package private so that this code can be shared. + * + * @return the Class object of the specified message factory; + * may be null + * + * @param factoryId the name of the factory to find, which is + * a system property + * @param fallbackClassName the implementation class name, which is + * to be used only if nothing else + * is found; null to indicate that + * there is no fallback class name + * @exception SOAPException if there is a SOAP error + */ + static Object find(String factoryId, String fallbackClassName) throws SOAPException { - final ClassLoader classLoader; - final String factoryId = factId; + return find(factoryId, fallbackClassName, true); + } + + /** + * Finds the implementation Class object for the given + * factory name, or if that fails, finds the Class object + * for the given default class name, but only if tryFallback + * is true. The arguments supplied must be used in order + * If using the first argument is successful, the second one will not + * be used. Note the default class name may be needed even if fallback + * is not to be attempted, so certain error conditions can be handled. + *

+ * This method is package private so that this code can be shared. + * + * @return the Class object of the specified message factory; + * may not be null + * + * @param factoryId the name of the factory to find, which is + * a system property + * @param defaultClassName the implementation class name, which is + * to be used only if nothing else + * is found; null to indicate + * that there is no default class name + * @param tryFallback whether to try the default class as a + * fallback + * @exception SOAPException if there is a SOAP error + */ + static Object find(String factoryId, String defaultClassName, + boolean tryFallback) throws SOAPException { + ClassLoader classLoader; try { classLoader = Thread.currentThread().getContextClassLoader(); } catch (Exception x) { @@ -99,7 +145,7 @@ String javah=System.getProperty( "java.home" ); String configFile = javah + File.separator + "lib" + File.separator + "jaxm.properties"; - final File f=new File( configFile ); + File f=new File( configFile ); if( f.exists()) { Properties props=new Properties(); props.load( new FileInputStream(f)); @@ -134,49 +180,56 @@ } catch( Exception ex ) { } - return null; + // If not found and fallback should not be tried, return a null result. + if (!tryFallback) + return null; + + // We didn't find the class through the usual means so try the default + // (built in) factory if specified. + if (defaultClassName == null) { + throw new SOAPException( + "Provider for " + factoryId + " cannot be found", null); + } + return newInstance(defaultClassName, classLoader); } /** - * Finds the implementation Class object for the given - * factory name, or if that fails, finds the Class object - * for the given fallback class name. The arguments supplied must be - * used in order. If using the first argument is successful, the second - * one will not be used. - *
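Review bot: The `@return` text on the two new `find` javadocs looks swapped. The three-argument overload is documented as "may not be null", yet the tail of the method (a later hunk) has `if (!tryFallback) return null;`. The two-argument overload is documented as "may be null", but it calls `find(factoryId, fallbackClassName, true)`, which in the visible tail either returns an instance or throws `SOAPException`. I would exchange the two phrases and, on the three-argument form, write `may be null only when tryFallback is false`. The same javadoc says the default class name "may be needed even if fallback is not to be attempted", but no such use is visible in the hunks shown (the middle of the method is outside them); the sentence should either name the case or be dropped. There is also a missing full stop after "must be used in order".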

- * This method is package private so that this code can be shared. - * - * @return the Class object of the specified message factory; - * may not be null - * - * @param factoryId the name of the factory to find, which is - * a system property - * @param fallbackClassName the implementation class name, which is - * to be used only if nothing else - * is found; null to indicate that - * there is no fallback class name - * @exception SOAPException if there is a SOAP error + * Loads the class, provided that the calling thread has an access to the + * class being loaded. If this is the specified default factory class and it + * is restricted by package.access we get a SecurityException and can do a + * Class.forName() on it so it will be loaded by the bootstrap class loader. */ - static Object find(String factoryId, String fallbackClassName) - throws SOAPException - { - - Object obj = find(factoryId); - if (obj != null) - return obj; - - ClassLoader classLoader; + private static Class safeLoadClass(String className, + ClassLoader classLoader) + throws ClassNotFoundException { try { - classLoader = Thread.currentThread().getContextClassLoader(); - } catch (Exception x) { - throw new SOAPException(x.toString(), x); - } + // make sure that the current thread has an access to the package of the given name. + SecurityManager s = System.getSecurityManager(); + if (s != null) { + int i = className.lastIndexOf('.'); + if (i != -1) { + s.checkPackageAccess(className.substring(0, i)); + } + } - if (fallbackClassName == null) { - throw new SOAPException( - "Provider for " + factoryId + " cannot be found", null); + if (classLoader == null) + return Class.forName(className); + else + return classLoader.loadClass(className); + } catch (SecurityException se) { + // (only) default implementation can be loaded + // using bootstrap class loader ... 
+ if (isDefaultImplementation(className)) + return Class.forName(className); + + throw se; } + } - return newInstance(fallbackClassName, classLoader); + private static boolean isDefaultImplementation(String className) { + return MessageFactory.DEFAULT_MESSAGE_FACTORY.equals(className) || + SOAPFactory.DEFAULT_SOAP_FACTORY.equals(className) || + SOAPConnectionFactory.DEFAULT_SOAP_CONNECTION_FACTORY.equals(className) || + SAAJMetaFactory.DEFAULT_META_FACTORY_CLASS.equals(className); } } diff -r 7dc186458b3e -r d04602077b14 sources/jaxws_src/src/javax/xml/soap/MessageFactory.java --- a/sources/jaxws_src/src/javax/xml/soap/MessageFactory.java Fri Feb 01 15:56:12 2013 +0100 +++ b/sources/jaxws_src/src/javax/xml/soap/MessageFactory.java Wed Feb 20 22:42:04 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -66,7 +66,7 @@ */ public abstract class MessageFactory { - static private final String DEFAULT_MESSAGE_FACTORY + static final String DEFAULT_MESSAGE_FACTORY = "com.sun.xml.internal.messaging.saaj.soap.ver1_1.SOAPMessageFactory1_1Impl"; static private final String MESSAGE_FACTORY_PROPERTY @@ -99,11 +99,14 @@ public static MessageFactory newInstance() throws SOAPException { try { - MessageFactory factory = (MessageFactory) - FactoryFinder.find(MESSAGE_FACTORY_PROPERTY); + MessageFactory factory = (MessageFactory) FactoryFinder.find( + MESSAGE_FACTORY_PROPERTY, + DEFAULT_MESSAGE_FACTORY, + false); - if (factory != null) + if (factory != null) { return factory; + } return newInstance(SOAPConstants.SOAP_1_1_PROTOCOL); } catch (Exception ex) { diff -r 7dc186458b3e -r d04602077b14 sources/jaxws_src/src/javax/xml/soap/SAAJMetaFactory.java 
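Review bot: The fallback in `safeLoadClass` deliberately overrides a package-access denial for four hard-coded class names, but neither the javadoc nor the inline comment states what keeps that exemption narrow. The `try` covers both the explicit `checkPackageAccess` and the loader call, so a `SecurityException` from either is answered with `Class.forName(className)`. That call resolves through FactoryFinder's own defining loader rather than the supplied `classLoader`, which is the bootstrap loader only when javax.xml.soap ships inside the JDK, as the javadoc assumes without saying so. I would extend the javadoc to state three things: the exemption applies only to the constants compared in `isDefaultImplementation`, every other name rethrows the `SecurityException`, and the reload bypasses the caller-supplied loader on purpose. The unbraced `if`/`else` around the two load calls could also take braces, e.g. `if (classLoader == null) { return Class.forName(className); }`.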
--- a/sources/jaxws_src/src/javax/xml/soap/SAAJMetaFactory.java Fri Feb 01 15:56:12 2013 +0100 +++ b/sources/jaxws_src/src/javax/xml/soap/SAAJMetaFactory.java Wed Feb 20 22:42:04 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -44,7 +44,7 @@ public abstract class SAAJMetaFactory { static private final String META_FACTORY_CLASS_PROPERTY = "javax.xml.soap.MetaFactory"; - static private final String DEFAULT_META_FACTORY_CLASS = + static final String DEFAULT_META_FACTORY_CLASS = "com.sun.xml.internal.messaging.saaj.soap.SAAJMetaFactoryImpl"; /** diff -r 7dc186458b3e -r d04602077b14 sources/jaxws_src/src/javax/xml/soap/SOAPConnectionFactory.java --- a/sources/jaxws_src/src/javax/xml/soap/SOAPConnectionFactory.java Fri Feb 01 15:56:12 2013 +0100 +++ b/sources/jaxws_src/src/javax/xml/soap/SOAPConnectionFactory.java Wed Feb 20 22:42:04 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -38,7 +38,7 @@ * A constant representing the default value for a SOAPConnection * object. The default is the point-to-point SOAP connection. */ - static private final String DEFAULT_SOAP_CONNECTION_FACTORY + static final String DEFAULT_SOAP_CONNECTION_FACTORY = "com.sun.xml.internal.messaging.saaj.client.p2p.HttpSOAPConnectionFactory"; /** diff -r 7dc186458b3e -r d04602077b14 sources/jaxws_src/src/javax/xml/soap/SOAPFactory.java --- a/sources/jaxws_src/src/javax/xml/soap/SOAPFactory.java Fri Feb 01 15:56:12 2013 +0100 
+++ b/sources/jaxws_src/src/javax/xml/soap/SOAPFactory.java Wed Feb 20 22:42:04 2013 +0100 @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004, 2011, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -54,6 +54,12 @@ "javax.xml.soap.SOAPFactory"; /** + * Class name of default SOAPFactory implementation. + */ + static final String DEFAULT_SOAP_FACTORY + = "com.sun.xml.internal.messaging.saaj.soap.ver1_1.SOAPFactory1_1Impl"; + + /** * Creates a SOAPElement object from an existing DOM * Element. If the DOM Element that is passed in * as an argument is already a SOAPElement then this method @@ -255,7 +261,7 @@ throws SOAPException { try { - SOAPFactory factory = (SOAPFactory) FactoryFinder.find(SOAP_FACTORY_PROPERTY); + SOAPFactory factory = (SOAPFactory) FactoryFinder.find(SOAP_FACTORY_PROPERTY, DEFAULT_SOAP_FACTORY, false); if (factory != null) return factory; return newInstance(SOAPConstants.SOAP_1_1_PROTOCOL);