tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jfarc...@apache.org
Subject cvs commit: jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/servlet JasperLoader.java
Date Thu, 18 Nov 2004 22:14:42 GMT
jfarcand    2004/11/18 14:14:42

  Modified:    jasper2/src/share/org/apache/jasper/runtime Tag: TOMCAT_5_0
                        JspWriterImpl.java PageContextImpl.java
                        ProtectedFunctionMapper.java
               jasper2/src/share/org/apache/jasper/servlet Tag: TOMCAT_5_0
                        JasperLoader.java
  Added:       jasper2/src/share/org/apache/jasper/security Tag: TOMCAT_5_0
                        SecurityUtil.java
  Log:
  When the package protection is not used, do not create the doPrivileged objects so we don't
suffer the performance hit (15% faster with trade2 and this change). Also fixed a memory leak
when security manager is turned on.
  
  Revision  Changes    Path
  No                   revision
  No                   revision
  1.12.2.2  +2 -1      jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/runtime/JspWriterImpl.java
  
  Index: JspWriterImpl.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/runtime/JspWriterImpl.java,v
  retrieving revision 1.12.2.1
  retrieving revision 1.12.2.2
  diff -u -r1.12.2.1 -r1.12.2.2
  --- JspWriterImpl.java	5 Oct 2004 14:49:43 -0000	1.12.2.1
  +++ JspWriterImpl.java	18 Nov 2004 22:14:41 -0000	1.12.2.2
  @@ -26,6 +26,7 @@
   
   import org.apache.jasper.Constants;
   import org.apache.jasper.compiler.Localizer;
  +import org.apache.jasper.security.SecurityUtil;
   
   /**
    * Write text to a character-output stream, buffering characters so as
  @@ -125,7 +126,7 @@
       }
   	
       private String getLocalizeMessage(final String message){
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
              return (String)AccessController.doPrivileged(new PrivilegedAction(){
                   public Object run(){
                       return Localizer.getMessage(message); 
  
  
  
  1.60.2.2  +14 -13    jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/runtime/PageContextImpl.java
  
  Index: PageContextImpl.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/runtime/PageContextImpl.java,v
  retrieving revision 1.60.2.1
  retrieving revision 1.60.2.2
  diff -u -r1.60.2.1 -r1.60.2.2
  --- PageContextImpl.java	20 Sep 2004 18:07:22 -0000	1.60.2.1
  +++ PageContextImpl.java	18 Nov 2004 22:14:41 -0000	1.60.2.2
  @@ -49,6 +49,7 @@
   import org.apache.commons.logging.LogFactory;
   import org.apache.jasper.Constants;
   import org.apache.jasper.compiler.Localizer;
  +import org.apache.jasper.security.SecurityUtil;
   
   /**
    * Implementation of the PageContext class from the JSP spec.
  @@ -216,7 +217,7 @@
                       Localizer.getMessage("jsp.error.attribute.null_name"));
           }
   
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               return AccessController.doPrivileged(new PrivilegedAction(){
                   public Object run(){
                       return doGetAttribute(name);
  @@ -239,7 +240,7 @@
                       Localizer.getMessage("jsp.error.attribute.null_name"));
           }
   
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               return AccessController.doPrivileged(new PrivilegedAction(){
                   public Object run(){
                       return doGetAttribute(name, scope);
  @@ -281,7 +282,7 @@
                       Localizer.getMessage("jsp.error.attribute.null_name"));
           }
   
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               AccessController.doPrivileged(new PrivilegedAction(){
                   public Object run(){
                       doSetAttribute(name, attribute);
  @@ -308,7 +309,7 @@
                       Localizer.getMessage("jsp.error.attribute.null_name"));
           }
   
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               AccessController.doPrivileged(new PrivilegedAction(){
                   public Object run(){
                       doSetAttribute(name, o, scope);
  @@ -358,7 +359,7 @@
               throw new NullPointerException(
                       Localizer.getMessage("jsp.error.attribute.null_name"));
           }
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               AccessController.doPrivileged(new PrivilegedAction(){
                   public Object run(){
                       doRemoveAttribute(name, scope);
  @@ -404,7 +405,7 @@
                       Localizer.getMessage("jsp.error.attribute.null_name"));
           }
   
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               return ((Integer)AccessController.doPrivileged(new PrivilegedAction(){
                   public Object run(){
                       return new Integer(doGetAttributeScope(name));
  @@ -434,7 +435,7 @@
       }
   
       public Object findAttribute(final String name) {
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               return AccessController.doPrivileged(new PrivilegedAction(){
                   public Object run(){
                       if (name == null) {
  @@ -476,7 +477,7 @@
   
   
       public Enumeration getAttributeNamesInScope(final int scope) {
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               return (Enumeration)
                       AccessController.doPrivileged(new PrivilegedAction(){
                   public Object run(){
  @@ -518,7 +519,7 @@
                       Localizer.getMessage("jsp.error.attribute.null_name"));
           }
   
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               AccessController.doPrivileged(new PrivilegedAction(){
                   public Object run(){
                       doRemoveAttribute(name);
  @@ -604,7 +605,7 @@
   
       public void include(final String relativeUrlPath, final boolean flush)
   	        throws ServletException, IOException {
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               try{
                   AccessController.doPrivileged(new PrivilegedExceptionAction(){
                       public Object run() throws Exception{
  @@ -637,7 +638,7 @@
   
       public void forward(final String relativeUrlPath)
           throws ServletException, IOException {
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               try{
                   AccessController.doPrivileged(new PrivilegedExceptionAction(){
                       public Object run() throws Exception{
  @@ -758,7 +759,7 @@
           if (t == null)
               throw new NullPointerException("null Throwable");
   
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               try{
                   AccessController.doPrivileged(new PrivilegedExceptionAction(){
                       public Object run() throws Exception{
  @@ -895,7 +896,7 @@
   	throws ELException
       {
   	Object retValue;
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               try {
                   retValue = AccessController.doPrivileged(
   			new PrivilegedExceptionAction(){
  
  
  
  1.7.2.1   +5 -3      jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/runtime/ProtectedFunctionMapper.java
  
  Index: ProtectedFunctionMapper.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/runtime/ProtectedFunctionMapper.java,v
  retrieving revision 1.7
  retrieving revision 1.7.2.1
  diff -u -r1.7 -r1.7.2.1
  --- ProtectedFunctionMapper.java	17 Mar 2004 19:23:04 -0000	1.7
  +++ ProtectedFunctionMapper.java	18 Nov 2004 22:14:42 -0000	1.7.2.1
  @@ -24,6 +24,8 @@
   import java.lang.reflect.Method;
   import javax.servlet.jsp.el.FunctionMapper;
   
  +import org.apache.jasper.security.SecurityUtil;
  +
   /**
    * Maps EL functions to their Java method counterparts.  Keeps the
    * actual Method objects protected so that JSP pages can't indirectly
  @@ -60,7 +62,7 @@
        */
       public static ProtectedFunctionMapper getInstance() {
           ProtectedFunctionMapper funcMapper;
  -	if (System.getSecurityManager() != null) {
  +	if (SecurityUtil.isPackageProtectionEnabled()) {
   	    funcMapper = (ProtectedFunctionMapper)AccessController.doPrivileged(
   		new PrivilegedAction() {
   		public Object run() {
  @@ -89,7 +91,7 @@
   			    final String methodName, final Class[] args ) 
       {
   	java.lang.reflect.Method method;
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               try{
                   method = (java.lang.reflect.Method)AccessController.doPrivileged(new PrivilegedExceptionAction(){
   
  @@ -133,7 +135,7 @@
       {
           java.lang.reflect.Method method;
           ProtectedFunctionMapper funcMapper;
  -        if (System.getSecurityManager() != null){
  +        if (SecurityUtil.isPackageProtectionEnabled()){
               funcMapper = (ProtectedFunctionMapper)AccessController.doPrivileged(
                   new PrivilegedAction(){
                   public Object run() {
  
  
  
  No                   revision
  No                   revision
  1.1.2.1   +42 -0     jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/security/Attic/SecurityUtil.java
  
  
  
  
  No                   revision
  No                   revision
  1.15.2.1  +2 -0      jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/servlet/JasperLoader.java
  
  Index: JasperLoader.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-jasper/jasper2/src/share/org/apache/jasper/servlet/JasperLoader.java,v
  retrieving revision 1.15
  retrieving revision 1.15.2.1
  diff -u -r1.15 -r1.15.2.1
  --- JasperLoader.java	17 Mar 2004 19:23:05 -0000	1.15
  +++ JasperLoader.java	18 Nov 2004 22:14:42 -0000	1.15.2.1
  @@ -27,6 +27,8 @@
   
   import org.apache.jasper.Constants;
   
  +import org.apache.jasper.security.SecurityUtil;
  +
   /**
    * Class loader for loading servlet class files (corresponding to JSP files) 
    * and tag handler class files (corresponding to tag files).
  
  
  

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message