tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From craig...@locus.apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup ContextConfig.java
Date Sat, 07 Oct 2000 18:14:59 GMT
craigmcc    00/10/07 11:14:58

  Modified:    .        RELEASE-NOTES-4.0-M2.txt
               catalina/src/share/org/apache/catalina/startup
                        ContextConfig.java
  Log:
  Check in additional changes supporting the future ability to run
  web apps under a security manager (doesn't work yet -- more research
  is needed).
  
  Revision  Changes    Path
  1.5       +18 -1     jakarta-tomcat-4.0/RELEASE-NOTES-4.0-M2.txt
  
  Index: RELEASE-NOTES-4.0-M2.txt
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/RELEASE-NOTES-4.0-M2.txt,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- RELEASE-NOTES-4.0-M2.txt	2000/10/07 05:37:17	1.4
  +++ RELEASE-NOTES-4.0-M2.txt	2000/10/07 18:14:51	1.5
  @@ -3,7 +3,7 @@
                               Release Notes
                               =============
   
  -$Id: RELEASE-NOTES-4.0-M2.txt,v 1.4 2000/10/07 05:37:17 craigmcc Exp $
  +$Id: RELEASE-NOTES-4.0-M2.txt,v 1.5 2000/10/07 18:14:51 craigmcc Exp $
   
   
   ============
  @@ -203,5 +203,22 @@
   * Deploy from an unpacked directory (on the same server) instead of from
     a WAR file (this is often more convenient in a development environment
     anyway).
  +
  +
  +Clearing Buffer On A Forward
  +----------------------------
  +The servlet specification requires the container to clear the data buffer,
  +but not the response headers or cookies, when a servlet calls the
  +RequestDispatcher.forward() method.  In the past, this could be done by the
  +container casting the response back to its internal implementation object,
  +and calling an implementation-specific method.
  +
  +This is no longer possible now that the request and response arguments to
  +a RequestDispatcher.forward() call can be wrapped.  It is likely that a new
  +public method will be added to the ServletResponse API for this purpose.  In
  +the mean time, Tomcat 4.0 does *not* clear the response buffer on a forward,
  +so you will see any output generated by the calling servlet (or JSP page,
  +in the case of <jsp:forward>) followed by the output from the forwarded-to
  +servlet or JSP page.
   
   
  
  
  
  1.21      +121 -4    jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java
  
  Index: ContextConfig.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v
  retrieving revision 1.20
  retrieving revision 1.21
  diff -u -r1.20 -r1.21
  --- ContextConfig.java	2000/10/04 02:26:33	1.20
  +++ ContextConfig.java	2000/10/07 18:14:56	1.21
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v
1.20 2000/10/04 02:26:33 craigmcc Exp $
  - * $Revision: 1.20 $
  - * $Date: 2000/10/04 02:26:33 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/startup/ContextConfig.java,v
1.21 2000/10/07 18:14:56 craigmcc Exp $
  + * $Revision: 1.21 $
  + * $Date: 2000/10/07 18:14:56 $
    *
    * ====================================================================
    *
  @@ -68,13 +68,21 @@
   import java.io.File;
   import java.io.FileInputStream;
   import java.io.FileNotFoundException;
  +import java.io.FilePermission;
   import java.io.InputStream;
   import java.io.IOException;
   import java.lang.reflect.InvocationTargetException;
   import java.net.JarURLConnection;
   import java.net.MalformedURLException;
   import java.net.URL;
  +import java.security.CodeSource;
  +import java.security.Permission;
  +import java.security.Permissions;
  +import java.security.PermissionCollection;
  +import java.security.Policy;
  +import java.security.ProtectionDomain;
   import java.util.ArrayList;
  +import java.util.Enumeration;
   import java.util.MissingResourceException;
   import java.util.ResourceBundle;
   import java.util.Stack;
  @@ -84,6 +92,7 @@
   import javax.servlet.ServletContextListener;
   import org.apache.catalina.Authenticator;
   import org.apache.catalina.Context;
  +import org.apache.catalina.Globals;
   import org.apache.catalina.Lifecycle;
   import org.apache.catalina.LifecycleEvent;
   import org.apache.catalina.LifecycleListener;
  @@ -115,7 +124,7 @@
    * of that Context, and the associated defined servlets.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.20 $ $Date: 2000/10/04 02:26:33 $
  + * @version $Revision: 1.21 $ $Date: 2000/10/07 18:14:56 $
    */
   
   public final class ContextConfig
  @@ -907,6 +916,111 @@
   
   
       /**
  +     * Configure permissions for this web application if we are running
  +     * under the control of a security manager.
  +     */
  +    private void permissionsConfig() {
  +
  +        // Has a security manager been installed?
  +        SecurityManager securityManager = System.getSecurityManager();
  +        if (securityManager == null)
  +            return;
  +
  +        // Refresh the standard policy permissions
  +        if (debug >= 1)
  +            log("Retrieving global policy permissions");
  +        Policy policy = Policy.getPolicy();
  +        policy.refresh();
  +
  +        // Accumulate the common permissions we will add to all code sources
  +        if (debug >= 1)
  +            log("Building common permissions to add");
  +        Resources resources = context.getResources();
  +        Permissions commonPerms = new Permissions();
  +        URL baseURL = null;
  +        try {
  +            baseURL = resources.getResource("/");
  +            if (debug >= 1)
  +                log(" baseURL=" + baseURL.toString());
  +        } catch (MalformedURLException e) {
  +            log("permissionsConfig.baseURL", e);
  +        }
  +        String baseFile = baseURL.toString();
  +        if (baseFile.startsWith("file://"))     // FIXME - file dependency
  +            baseFile = baseFile.substring(7);
  +        else if (baseFile.startsWith("file:"))
  +            baseFile = baseFile.substring(5);
  +        if (baseFile.endsWith("/"))
  +            baseFile += "-";
  +        else
  +            baseFile += "/-";
  +        commonPerms.add(new FilePermission(baseFile, "read"));
  +        File workDir = (File)
  +            context.getServletContext().getAttribute(Globals.WORK_DIR_ATTR);
  +        commonPerms.add(new FilePermission(workDir.getAbsolutePath() + "/-",
  +                                           "read,write,delete"));
  +        if (debug >= 1)
  +            log(" commonPerms=" + commonPerms.toString());
  +
  +        // Build a CodeSource representing our document root code base
  +        if (debug >= 1)
  +            log("Building document root code source");
  +        URL docURL = null;
  +        try {
  +            docURL = resources.getResource("/WEB-INF");
  +            if (debug >= 1)
  +                log(" docURL=" + docURL.toString());
  +        } catch (MalformedURLException e) {
  +            log("permissionsConfig.docURL", e);
  +        }
  +        CodeSource docSource = new CodeSource(docURL, null);
  +        if (debug >= 1)
  +            log(" docSource=" + docSource.toString());
  +
  +        // Generate the Permissions for the document root code base
  +        if (debug >= 1)
  +            log("Building document root permissions");
  +        PermissionCollection docPerms = policy.getPermissions(docSource);
  +        Enumeration docAdds = commonPerms.elements();
  +        while (docAdds.hasMoreElements())
  +            docPerms.add((Permission) docAdds.nextElement());
  +        if (debug >= 1)
  +            log(" docPerms=" + docPerms);
  +
  +        // Generate the ProtectionDomain for the document root code base
  +        if (debug >= 1)
  +            log("Building document root protection domain");
  +        ProtectionDomain docPD = new ProtectionDomain(docSource, docPerms);
  +        if (debug >= 1)
  +            log(" docPD=" + docPD.toString());
  +
  +        // Build a CodeSource representing our work directory code base
  +        if (debug >= 1)
  +            log("Building work directory code source");
  +        URL workURL = null;
  +        try {
  +            workURL = new URL("file", null, workDir.getAbsolutePath());
  +            if (debug >= 1)
  +                log(" workURL=" + workURL.toString());
  +        } catch (MalformedURLException e) {
  +            log("permissionsConfig.workURL", e);
  +        }
  +        CodeSource workSource = new CodeSource(workURL, null);
  +
  +        // Generate the Permissions for the work directory code base
  +        if (debug >= 1)
  +            log("Building work directory permissions");
  +        PermissionCollection workPerms = policy.getPermissions(workSource);
  +        Enumeration workAdds = commonPerms.elements();
  +        while (workAdds.hasMoreElements())
  +            workPerms.add((Permission) workAdds.nextElement());
  +        if (debug >= 1)
  +            log(" workPerms=" + workPerms);
  +
  +    }
  +
  +
  +    /**
        * Process a "start" event for this Context.
        */
       private void start() {
  @@ -936,6 +1050,9 @@
   		log(sm.getString("contextConfig.defaultResources"));
   	    context.setResources(new FileResources());
   	}
  +
  +        // Configure the Permissions for this Context (if necessary)
  +        permissionsConfig();
   
   	// Configure the Loader for this Context
   	loaderConfig();
  
  
  

Mime
View raw message