This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit eab97408969d44a7b38192fe0af461955c8888de
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Jan 11 18:29:04 2023 +0000
Remove SecurityManagaer support from the EL API
---
java/jakarta/el/BeanELResolver.java | 11 +--------
java/jakarta/el/ELProcessor.java | 2 +-
java/jakarta/el/ExpressionFactory.java | 37 ++++++----------------------
java/jakarta/el/ImportHandler.java | 2 +-
java/jakarta/el/Util.java | 45 +---------------------------------
5 files changed, 11 insertions(+), 86 deletions(-)
diff --git a/java/jakarta/el/BeanELResolver.java
b/java/jakarta/el/BeanELResolver.java
index c470b92734..9b99ef50db 100644
--- a/java/jakarta/el/BeanELResolver.java
+++ b/java/jakarta/el/BeanELResolver.java
@@ -22,8 +22,6 @@ import java.beans.Introspector;
import java.beans.PropertyDescriptor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
@@ -39,14 +37,7 @@ public class BeanELResolver extends ELResolver {
private static final String CACHE_SIZE_PROP =
"org.apache.el.BeanELResolver.CACHE_SIZE";
static {
- String cacheSizeStr;
- if (System.getSecurityManager() == null) {
- cacheSizeStr = System.getProperty(CACHE_SIZE_PROP, "1000");
- } else {
- cacheSizeStr = AccessController.doPrivileged(
- (PrivilegedAction<String>) () ->
System.getProperty(CACHE_SIZE_PROP, "1000"));
- }
- CACHE_SIZE = Integer.parseInt(cacheSizeStr);
+ CACHE_SIZE = Integer.parseInt(System.getProperty(CACHE_SIZE_PROP,
"1000"));
}
private final boolean readOnly;
diff --git a/java/jakarta/el/ELProcessor.java b/java/jakarta/el/ELProcessor.java
index 736ca9ce09..df2fc0120c 100644
--- a/java/jakarta/el/ELProcessor.java
+++ b/java/jakarta/el/ELProcessor.java
@@ -96,7 +96,7 @@ public class ELProcessor {
Class<?> clazz = context.getImportHandler().resolveClass(className);
if (clazz == null) {
- clazz = Class.forName(className, true,
Util.getContextClassLoader());
+ clazz = Class.forName(className, true,
Thread.currentThread().getContextClassLoader());
}
if (!Modifier.isPublic(clazz.getModifiers())) {
diff --git a/java/jakarta/el/ExpressionFactory.java
b/java/jakarta/el/ExpressionFactory.java
index aeacc00b8c..2eca6205df 100644
--- a/java/jakarta/el/ExpressionFactory.java
+++ b/java/jakarta/el/ExpressionFactory.java
@@ -25,8 +25,6 @@ import java.lang.ref.WeakReference;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
@@ -42,27 +40,14 @@ import java.util.concurrent.locks.ReentrantReadWriteLock;
*/
public abstract class ExpressionFactory {
- private static final boolean IS_SECURITY_ENABLED =
(System.getSecurityManager() != null);
-
private static final String PROPERTY_NAME = "jakarta.el.ExpressionFactory";
- private static final String PROPERTY_FILE;
+ private static final String PROPERTY_FILE =
+ System.getProperty("java.home") + File.separator + "lib" +
File.separator + "el.properties";
private static final CacheValue nullTcclFactory = new CacheValue();
private static final Map<CacheKey, CacheValue> factoryCache = new
ConcurrentHashMap<>();
- static {
- if (IS_SECURITY_ENABLED) {
- PROPERTY_FILE = AccessController.doPrivileged(
- (PrivilegedAction<String>) () ->
System.getProperty("java.home") + File.separator +
- "lib" + File.separator + "el.properties"
- );
- } else {
- PROPERTY_FILE = System.getProperty("java.home") + File.separator +
"lib" +
- File.separator + "el.properties";
- }
- }
-
/**
* Create a new {@link ExpressionFactory}. The class to use is determined
by
* the following search order:
@@ -89,7 +74,7 @@ public abstract class ExpressionFactory {
public static ExpressionFactory newInstance(Properties properties) {
ExpressionFactory result = null;
- ClassLoader tccl = Util.getContextClassLoader();
+ ClassLoader tccl = Thread.currentThread().getContextClassLoader();
CacheValue cacheValue;
Class<?> clazz;
@@ -323,20 +308,12 @@ public abstract class ExpressionFactory {
// First services API
className = getClassNameServices(tccl);
if (className == null) {
- if (IS_SECURITY_ENABLED) {
- className =
AccessController.doPrivileged((PrivilegedAction<String>)
ExpressionFactory::getClassNameJreDir);
- } else {
- // Second el.properties file
- className = getClassNameJreDir();
- }
+ // Second el.properties file
+ className = getClassNameJreDir();
}
if (className == null) {
- if (IS_SECURITY_ENABLED) {
- className =
AccessController.doPrivileged((PrivilegedAction<String>)
ExpressionFactory::getClassNameSysProp);
- } else {
- // Third system property
- className = getClassNameSysProp();
- }
+ // Third system property
+ className = getClassNameSysProp();
}
if (className == null) {
// Fourth - default
diff --git a/java/jakarta/el/ImportHandler.java
b/java/jakarta/el/ImportHandler.java
index 93f1052a26..75faffc689 100644
--- a/java/jakarta/el/ImportHandler.java
+++ b/java/jakarta/el/ImportHandler.java
@@ -447,7 +447,7 @@ public class ImportHandler {
private Class<?> findClass(String name, boolean throwException) {
Class<?> clazz;
- ClassLoader cl = Util.getContextClassLoader();
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
try {
clazz = cl.loadClass(name);
} catch (ClassNotFoundException e) {
diff --git a/java/jakarta/el/Util.java b/java/jakarta/el/Util.java
index ee5848cb2d..fb5efaf80d 100644
--- a/java/jakarta/el/Util.java
+++ b/java/jakarta/el/Util.java
@@ -22,8 +22,6 @@ import java.lang.reflect.Array;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.HashMap;
@@ -43,26 +41,6 @@ class Util {
private static final Class<?>[] EMPTY_CLASS_ARRAY = new Class<?>[0];
private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
- private static final boolean IS_SECURITY_ENABLED =
(System.getSecurityManager() != null);
-
- private static final boolean GET_CLASSLOADER_USE_PRIVILEGED;
-
- static {
- if (IS_SECURITY_ENABLED) {
- // Defaults to using a privileged block
- // When running on Tomcat this will be set to false in
- // $CATALINA_BASE/conf/catalina.properties
- String value = AccessController.doPrivileged(
- (PrivilegedAction<String>) () -> System.getProperty(
- "org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED",
"true"));
- GET_CLASSLOADER_USE_PRIVILEGED = Boolean.parseBoolean(value);
- } else {
- // No security manager - no need to use a privileged block.
- GET_CLASSLOADER_USE_PRIVILEGED = false;
- }
- }
-
-
/**
* Checks whether the supplied Throwable is one that needs to be
* rethrown and swallows all others.
@@ -113,7 +91,7 @@ class Util {
*/
static ExpressionFactory getExpressionFactory() {
- ClassLoader tccl = getContextClassLoader();
+ ClassLoader tccl = Thread.currentThread().getContextClassLoader();
CacheValue cacheValue = null;
ExpressionFactory factory = null;
@@ -673,19 +651,6 @@ class Util {
}
- static ClassLoader getContextClassLoader() {
- ClassLoader tccl;
- if (IS_SECURITY_ENABLED && GET_CLASSLOADER_USE_PRIVILEGED) {
- PrivilegedAction<ClassLoader> pa = new PrivilegedGetTccl();
- tccl = AccessController.doPrivileged(pa);
- } else {
- tccl = Thread.currentThread().getContextClassLoader();
- }
-
- return tccl;
- }
-
-
private abstract static class Wrapper<T> {
public static List<Wrapper<Method>> wrap(Method[] methods, String
name) {
@@ -868,12 +833,4 @@ class Util {
return result;
}
}
-
-
- private static class PrivilegedGetTccl implements
PrivilegedAction<ClassLoader> {
- @Override
- public ClassLoader run() {
- return Thread.currentThread().getContextClassLoader();
- }
- }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
