This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 3bb830bfd0 Remove SecurityManager references from o.a.naming
3bb830bfd0 is described below
commit 3bb830bfd0485dc30722e5574604dc48affa8898
Author: Mark Thomas <[email protected]>
AuthorDate: Thu Jan 12 19:24:32 2023 +0000
Remove SecurityManager references from o.a.naming
---
.../org/apache/naming/ContextAccessController.java | 6 --
.../apache/naming/factory/MailSessionFactory.java | 87 ++++++++++------------
.../apache/naming/factory/ResourceLinkFactory.java | 5 --
.../org/apache/naming/factory/SendMailFactory.java | 64 +++++++---------
4 files changed, 66 insertions(+), 96 deletions(-)
diff --git a/java/org/apache/naming/ContextAccessController.java
b/java/org/apache/naming/ContextAccessController.java
index 0fad089be5..35112df149 100644
--- a/java/org/apache/naming/ContextAccessController.java
+++ b/java/org/apache/naming/ContextAccessController.java
@@ -49,12 +49,6 @@ public class ContextAccessController {
* @param token Security token
*/
public static void setSecurityToken(Object name, Object token) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new RuntimePermission(
- ContextAccessController.class.getName()
- + ".setSecurityToken"));
- }
if ((!securityTokens.containsKey(name)) && (token != null)) {
securityTokens.put(name, token);
}
diff --git a/java/org/apache/naming/factory/MailSessionFactory.java
b/java/org/apache/naming/factory/MailSessionFactory.java
index 29c902fd23..70a8d2f266 100644
--- a/java/org/apache/naming/factory/MailSessionFactory.java
+++ b/java/org/apache/naming/factory/MailSessionFactory.java
@@ -16,8 +16,6 @@
*/
package org.apache.naming.factory;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Properties;
@@ -97,57 +95,48 @@ public class MailSessionFactory implements ObjectFactory {
return null;
}
- // Create a new Session inside a doPrivileged block, so that JavaMail
- // can read its default properties without throwing Security
- // exceptions.
- //
- // Bugzilla 31288, 33077: add support for authentication.
- return AccessController.doPrivileged((PrivilegedAction<Session>) () ->
{
-
- // Create the JavaMail properties we will use
- Properties props = new Properties();
- props.put("mail.transport.protocol", "smtp");
- props.put("mail.smtp.host", "localhost");
-
- String password = null;
-
- Enumeration<RefAddr> attrs = ref.getAll();
- while (attrs.hasMoreElements()) {
- RefAddr attr = attrs.nextElement();
- if ("factory".equals(attr.getType())) {
- continue;
- }
-
- if ("password".equals(attr.getType())) {
- password = (String) attr.getContent();
- continue;
- }
-
- props.put(attr.getType(), attr.getContent());
+ // Create the JavaMail properties we will use
+ Properties props = new Properties();
+ props.put("mail.transport.protocol", "smtp");
+ props.put("mail.smtp.host", "localhost");
+
+ String password = null;
+
+ Enumeration<RefAddr> attrs = ref.getAll();
+ while (attrs.hasMoreElements()) {
+ RefAddr attr = attrs.nextElement();
+ if ("factory".equals(attr.getType())) {
+ continue;
+ }
+
+ if ("password".equals(attr.getType())) {
+ password = (String) attr.getContent();
+ continue;
}
- Authenticator auth = null;
- if (password != null) {
- String user = props.getProperty("mail.smtp.user");
- if(user == null) {
- user = props.getProperty("mail.user");
- }
-
- if(user != null) {
- final PasswordAuthentication pa = new
PasswordAuthentication(user, password);
- auth = new Authenticator() {
- @Override
- protected PasswordAuthentication
getPasswordAuthentication() {
- return pa;
- }
- };
- }
+ props.put(attr.getType(), attr.getContent());
+ }
+
+ Authenticator auth = null;
+ if (password != null) {
+ String user = props.getProperty("mail.smtp.user");
+ if(user == null) {
+ user = props.getProperty("mail.user");
}
- // Create and return the new Session object
- Session session = Session.getInstance(props, auth);
- return session;
+ if(user != null) {
+ final PasswordAuthentication pa = new
PasswordAuthentication(user, password);
+ auth = new Authenticator() {
+ @Override
+ protected PasswordAuthentication
getPasswordAuthentication() {
+ return pa;
+ }
+ };
+ }
+ }
- });
+ // Create and return the new Session object
+ Session session = Session.getInstance(props, auth);
+ return session;
}
}
diff --git a/java/org/apache/naming/factory/ResourceLinkFactory.java
b/java/org/apache/naming/factory/ResourceLinkFactory.java
index 17ca733b7e..2cc863f16e 100644
--- a/java/org/apache/naming/factory/ResourceLinkFactory.java
+++ b/java/org/apache/naming/factory/ResourceLinkFactory.java
@@ -58,11 +58,6 @@ public class ResourceLinkFactory implements ObjectFactory {
* @param newGlobalContext new global context value
*/
public static void setGlobalContext(Context newGlobalContext) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new RuntimePermission(
- ResourceLinkFactory.class.getName() + ".setGlobalContext"));
- }
globalContext = newGlobalContext;
}
diff --git a/java/org/apache/naming/factory/SendMailFactory.java
b/java/org/apache/naming/factory/SendMailFactory.java
index 20aee7d8c6..57b1fcd3f6 100644
--- a/java/org/apache/naming/factory/SendMailFactory.java
+++ b/java/org/apache/naming/factory/SendMailFactory.java
@@ -16,8 +16,6 @@
*/
package org.apache.naming.factory;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Properties;
@@ -83,43 +81,37 @@ public class SendMailFactory implements ObjectFactory
Hashtable<?,?> env) throws Exception {
final Reference ref = (Reference)refObj;
- // Creation of the DataSource is wrapped inside a doPrivileged
- // so that javamail can read its default properties without
- // throwing Security Exceptions
if (ref.getClassName().equals(DataSourceClassName)) {
- return AccessController.doPrivileged(
- (PrivilegedAction<MimePartDataSource>) () -> {
- // set up the smtp session that will send the message
- Properties props = new Properties();
- // enumeration of all refaddr
- Enumeration<RefAddr> list = ref.getAll();
- // current refaddr to be set
- RefAddr refaddr;
- // set transport to smtp
- props.put("mail.transport.protocol", "smtp");
+ // set up the smtp session that will send the message
+ Properties props = new Properties();
+ // enumeration of all refaddr
+ Enumeration<RefAddr> list = ref.getAll();
+ // current refaddr to be set
+ RefAddr refaddr;
+ // set transport to smtp
+ props.put("mail.transport.protocol", "smtp");
- while (list.hasMoreElements()) {
- refaddr = list.nextElement();
+ while (list.hasMoreElements()) {
+ refaddr = list.nextElement();
- // set property
- props.put(refaddr.getType(), refaddr.getContent());
- }
- MimeMessage message = new MimeMessage(
- Session.getInstance(props));
- try {
- RefAddr fromAddr = ref.get("mail.from");
- String from = null;
- if (fromAddr != null) {
- from =
(String)ref.get("mail.from").getContent();
- }
- if (from != null) {
- message.setFrom(new InternetAddress(from));
- }
- message.setSubject("");
- } catch (Exception e) {/*Ignore*/}
- MimePartDataSource mds = new
MimePartDataSource(message);
- return mds;
- });
+ // set property
+ props.put(refaddr.getType(), refaddr.getContent());
+ }
+ MimeMessage message = new MimeMessage(
+ Session.getInstance(props));
+ try {
+ RefAddr fromAddr = ref.get("mail.from");
+ String from = null;
+ if (fromAddr != null) {
+ from = (String)ref.get("mail.from").getContent();
+ }
+ if (from != null) {
+ message.setFrom(new InternetAddress(from));
+ }
+ message.setSubject("");
+ } catch (Exception e) {/*Ignore*/}
+ MimePartDataSource mds = new MimePartDataSource(message);
+ return mds;
} else { // We can't create an instance of the DataSource
return null;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
