tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core LocalStrings.properties StandardContext.java StandardWrapper.java
Date Fri, 12 Oct 2001 23:49:26 GMT
remm        01/10/12 16:49:26

  Modified:    catalina/src/share/org/apache/catalina/core Tag:
                        tomcat_40_branch LocalStrings.properties
                        StandardContext.java StandardWrapper.java
  Log:
  - Add a new privileged flag to the context.
  - ContainerServlet loading will fail if they are loaded by a non-privileged
    context, with the exception of the invoker servlet.
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.37.2.2  +1 -0      jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/LocalStrings.properties
  
  Index: LocalStrings.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/LocalStrings.properties,v
  retrieving revision 1.37.2.1
  retrieving revision 1.37.2.2
  diff -u -r1.37.2.1 -r1.37.2.2
  --- LocalStrings.properties	2001/10/04 19:27:58	1.37.2.1
  +++ LocalStrings.properties	2001/10/12 23:49:26	1.37.2.2
  @@ -142,6 +142,7 @@
   standardWrapper.notClass=No servlet class has been specified for servlet {0}
   standardWrapper.notContext=Parent container of a Wrapper must be a Context
   standardWrapper.notServlet=Class {0} is not a Servlet
  +standardWrapper.privilegedServlet=Servlet of class {0} is privileged and cannot be loaded
by this web application
   standardWrapper.releaseFilters=Release filters exception for servlet {0}
   standardWrapper.serviceException=Servlet.service() for servlet {0} threw exception
   standardWrapper.statusHeader=HTTP Status {0} - {1}
  
  
  
  1.78.2.5  +36 -4     jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContext.java
  
  Index: StandardContext.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContext.java,v
  retrieving revision 1.78.2.4
  retrieving revision 1.78.2.5
  diff -u -r1.78.2.4 -r1.78.2.5
  --- StandardContext.java	2001/10/10 00:17:44	1.78.2.4
  +++ StandardContext.java	2001/10/12 23:49:26	1.78.2.5
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContext.java,v
1.78.2.4 2001/10/10 00:17:44 remm Exp $
  - * $Revision: 1.78.2.4 $
  - * $Date: 2001/10/10 00:17:44 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardContext.java,v
1.78.2.5 2001/10/12 23:49:26 remm Exp $
  + * $Revision: 1.78.2.5 $
  + * $Date: 2001/10/12 23:49:26 $
    *
    * ====================================================================
    *
  @@ -142,7 +142,7 @@
    *
    * @author Craig R. McClanahan
    * @author Remy Maucherat
  - * @version $Revision: 1.78.2.4 $ $Date: 2001/10/10 00:17:44 $
  + * @version $Revision: 1.78.2.5 $ $Date: 2001/10/12 23:49:26 $
    */
   
   public class StandardContext
  @@ -370,6 +370,12 @@
   
   
       /**
  +     * The privileged flag for this web application.
  +     */
  +    private boolean privileged = false;
  +
  +
  +    /**
        * Should the next call to <code>addWelcomeFile()</code> cause replacement
        * of any existing welcome files?  This will be set before processing the
        * web application's deployment descriptor, so that application specified
  @@ -969,6 +975,32 @@
           support.firePropertyChange("override",
                                      new Boolean(oldOverride),
                                      new Boolean(this.override));
  +
  +    }
  +
  +
  +    /**
  +     * Return the privileged flag for this web application.
  +     */
  +    public boolean getPrivileged() {
  +
  +        return (this.privileged);
  +
  +    }
  +
  +
  +    /**
  +     * Set the privileged flag for this web application.
  +     * 
  +     * @param privileged The new privileged flag
  +     */
  +    public void setPrivileged(boolean privileged) {
  +
  +        boolean oldPrivileged = this.privileged;
  +        this.privileged = privileged;
  +        support.firePropertyChange("privileged",
  +                                   new Boolean(oldPrivileged),
  +                                   new Boolean(this.privileged));
   
       }
   
  
  
  
  1.29.2.3  +34 -4     jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardWrapper.java
  
  Index: StandardWrapper.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardWrapper.java,v
  retrieving revision 1.29.2.2
  retrieving revision 1.29.2.3
  diff -u -r1.29.2.2 -r1.29.2.3
  --- StandardWrapper.java	2001/10/12 01:57:41	1.29.2.2
  +++ StandardWrapper.java	2001/10/12 23:49:26	1.29.2.3
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardWrapper.java,v
1.29.2.2 2001/10/12 01:57:41 craigmcc Exp $
  - * $Revision: 1.29.2.2 $
  - * $Date: 2001/10/12 01:57:41 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardWrapper.java,v
1.29.2.3 2001/10/12 23:49:26 remm Exp $
  + * $Revision: 1.29.2.3 $
  + * $Date: 2001/10/12 23:49:26 $
    *
    * ====================================================================
    *
  @@ -105,7 +105,7 @@
    * make them efficient are counter-productive.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.29.2.2 $ $Date: 2001/10/12 01:57:41 $
  + * @version $Revision: 1.29.2.3 $ $Date: 2001/10/12 23:49:26 $
    */
   
   public final class StandardWrapper
  @@ -830,6 +830,14 @@
                   (sm.getString("standardWrapper.instantiate", actualClass), e);
           }
   
  +        // Check if loading the servlet in this web application should be 
  +        // allowed
  +        if (!isServletAllowed(servlet)) {
  +            throw new SecurityException
  +                (sm.getString("standardWrapper.privilegedServlet", 
  +                              actualClass));
  +        }
  +
           // Special handling for ContainerServlet instances
           if ((servlet instanceof ContainerServlet) &&
               isContainerServlet(actualClass)) {
  @@ -1110,6 +1118,28 @@
               return (true);
           else
               return (false);
  +
  +    }
  +
  +
  +    /**
  +     * Return <code>true</code> if loading this servlet is allowed.
  +     */
  +    private boolean isServletAllowed(Object servlet) {
  +
  +        if (servlet instanceof ContainerServlet) {
  +            if (((Context) getParent()).getPrivileged() 
  +                || (servlet.getClass().getName().equals
  +                    ("org.apache.catalina.servlets.InvokerServlet"))) {
  +                System.out.println("Allow:" + servlet);
  +                return (true);
  +            } else {
  +                System.out.println("Not allowed:" + servlet);
  +                return (false);
  +            }
  +        }
  +
  +        return (true);
   
       }
   
  
  
  

Mime
View raw message