Author: cziegeler
Date: Wed Sep 20 09:42:37 2017
New Revision: 1808979
URL: http://svn.apache.org/viewvc?rev=1808979&view=rev
Log:
Use correct access control context
Modified:
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/Dispatcher.java
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/RequestDispatcherImpl.java
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/ServletRequestWrapper.java
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/ServletResponseWrapper.java
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/handler/ServletHandler.java
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/handler/WhiteboardServletHandler.java
Modified:
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/Dispatcher.java
URL:
http://svn.apache.org/viewvc/felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/Dispatcher.java?rev=1808979&r1=1808978&r2=1808979&view=diff
==============================================================================
---
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/Dispatcher.java
(original)
+++
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/Dispatcher.java
Wed Sep 20 09:42:37 2017
@@ -133,7 +133,8 @@ public final class Dispatcher
final HttpServletRequest wrappedRequest = new
ServletRequestWrapper(req, servletContext, requestInfo, null,
pr.handler.getContextServiceId(),
pr.handler.getServletInfo().isAsyncSupported(),
- pr.handler.getMultipartConfig());
+ pr.handler.getMultipartConfig(),
+ pr.handler.getMultipartSecurityContext());
final FilterHandler[] filterHandlers =
handlerRegistry.getFilters(pr, req.getDispatcherType(), pr.requestURI);
try
Modified:
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/RequestDispatcherImpl.java
URL:
http://svn.apache.org/viewvc/felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/RequestDispatcherImpl.java?rev=1808979&r1=1808978&r2=1808979&view=diff
==============================================================================
---
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/RequestDispatcherImpl.java
(original)
+++
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/RequestDispatcherImpl.java
Wed Sep 20 09:42:37 2017
@@ -66,7 +66,8 @@ public final class RequestDispatcherImpl
DispatcherType.FORWARD,
this.resolution.handler.getContextServiceId(),
this.resolution.handler.getServletInfo().isAsyncSupported(),
- this.resolution.handler.getMultipartConfig());
+ this.resolution.handler.getMultipartConfig(),
+ this.resolution.handler.getMultipartSecurityContext());
final String requestURI =
UriUtils.concat(this.requestInfo.servletPath, this.requestInfo.pathInfo);
final FilterHandler[] filterHandlers =
this.resolution.handlerRegistry.getFilterHandlers(this.resolution.handler,
DispatcherType.FORWARD, requestURI);
@@ -103,7 +104,8 @@ public final class RequestDispatcherImpl
DispatcherType.INCLUDE,
this.resolution.handler.getContextServiceId(),
this.resolution.handler.getServletInfo().isAsyncSupported(),
- this.resolution.handler.getMultipartConfig());
+ this.resolution.handler.getMultipartConfig(),
+ this.resolution.handler.getMultipartSecurityContext());
final String requestURI =
UriUtils.concat(this.requestInfo.servletPath, this.requestInfo.pathInfo);
final FilterHandler[] filterHandlers =
this.resolution.handlerRegistry.getFilterHandlers(this.resolution.handler,
DispatcherType.INCLUDE, requestURI);
Modified:
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/ServletRequestWrapper.java
URL:
http://svn.apache.org/viewvc/felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/ServletRequestWrapper.java?rev=1808979&r1=1808978&r2=1808979&view=diff
==============================================================================
---
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/ServletRequestWrapper.java
(original)
+++
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/ServletRequestWrapper.java
Wed Sep 20 09:42:37 2017
@@ -31,6 +31,7 @@ import static org.apache.felix.http.base
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
+import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
@@ -58,6 +59,7 @@ import org.apache.commons.fileupload.ser
import org.apache.commons.fileupload.servlet.ServletRequestContext;
import org.apache.felix.http.base.internal.context.ExtServletContext;
import org.apache.felix.http.base.internal.handler.HttpSessionWrapper;
+import org.osgi.framework.Bundle;
import org.osgi.service.http.HttpContext;
import org.osgi.service.useradmin.Authorization;
@@ -69,6 +71,8 @@ final class ServletRequestWrapper extend
private final long contextId;
private final boolean asyncSupported;
private final MultipartConfig multipartConfig;
+ private final Bundle bundleForSecurityCheck;
+
private Collection<Part> parts;
public ServletRequestWrapper(final HttpServletRequest req,
@@ -77,7 +81,8 @@ final class ServletRequestWrapper extend
final DispatcherType type,
final Long contextId,
final boolean asyncSupported,
- final MultipartConfig multipartConfig)
+ final MultipartConfig multipartConfig,
+ final Bundle bundleForSecurityCheck)
{
super(req);
@@ -87,6 +92,7 @@ final class ServletRequestWrapper extend
this.requestInfo = requestInfo;
this.type = type;
this.contextId = contextId;
+ this.bundleForSecurityCheck = bundleForSecurityCheck;
}
@Override
@@ -371,6 +377,7 @@ final class ServletRequestWrapper extend
}
else
{
+ final AccessControlContext ctx =
bundleForSecurityCheck.adapt(AccessControlContext.class);
final IOException ioe = AccessController.doPrivileged(new
PrivilegedAction<IOException>()
{
@@ -387,7 +394,7 @@ final class ServletRequestWrapper extend
}
return null;
}
- });
+ }, ctx);
if ( ioe != null )
{
throw ioe;
Modified:
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/ServletResponseWrapper.java
URL:
http://svn.apache.org/viewvc/felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/ServletResponseWrapper.java?rev=1808979&r1=1808978&r2=1808979&view=diff
==============================================================================
---
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/ServletResponseWrapper.java
(original)
+++
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/dispatch/ServletResponseWrapper.java
Wed Sep 20 09:42:37 2017
@@ -107,7 +107,12 @@ final class ServletResponseWrapper exten
final ServletRequestWrapper reqWrapper = new
ServletRequestWrapper(request,
errorResolution.getContext(),
- requestInfo, null,
errorResolution.getContextServiceId(), false, null);
+ requestInfo,
+ null,
+ errorResolution.getContextServiceId(),
+ false,
+ null,
+ null);
final FilterChain filterChain = new
InvocationChain(errorResolution, filterHandlers);
filterChain.doFilter(reqWrapper, this);
Modified:
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/handler/ServletHandler.java
URL:
http://svn.apache.org/viewvc/felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/handler/ServletHandler.java?rev=1808979&r1=1808978&r2=1808979&view=diff
==============================================================================
---
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/handler/ServletHandler.java
(original)
+++
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/handler/ServletHandler.java
Wed Sep 20 09:42:37 2017
@@ -28,6 +28,7 @@ import org.apache.felix.http.base.intern
import org.apache.felix.http.base.internal.dispatch.MultipartConfig;
import org.apache.felix.http.base.internal.logger.SystemLogger;
import org.apache.felix.http.base.internal.runtime.ServletInfo;
+import org.osgi.framework.Bundle;
import org.osgi.service.http.runtime.dto.DTOConstants;
/**
@@ -227,4 +228,9 @@ public abstract class ServletHandler imp
{
return mpConfig;
}
+
+ public Bundle getMultipartSecurityContext()
+ {
+ return null;
+ }
}
Modified:
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/handler/WhiteboardServletHandler.java
URL:
http://svn.apache.org/viewvc/felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/handler/WhiteboardServletHandler.java?rev=1808979&r1=1808978&r2=1808979&view=diff
==============================================================================
---
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/handler/WhiteboardServletHandler.java
(original)
+++
felix/trunk/osgi-r7/http/base/src/main/java/org/apache/felix/http/base/internal/handler/WhiteboardServletHandler.java
Wed Sep 20 09:42:37 2017
@@ -37,6 +37,8 @@ public final class WhiteboardServletHand
private final int multipartErrorCode;
+ private final Bundle multipartSecurityContext;
+
public WhiteboardServletHandler(final long contextServiceId,
final ExtServletContext context,
final ServletInfo servletInfo,
@@ -52,6 +54,7 @@ public final class WhiteboardServletHand
if ( servletInfo.getMultipartConfig().multipartLocation == null )
{
// default location
+ multipartSecurityContext = httpWhiteboardBundle;
if ( !httpWhiteboardBundle.hasPermission(writePerm))
{
errorCode =
DTOConstants.FAILURE_REASON_WHITEBOARD_WRITE_TO_DEFAULT_DENIED;
@@ -67,6 +70,7 @@ public final class WhiteboardServletHand
}
else
{
+ multipartSecurityContext = bundleContext.getBundle();
// provided location
if ( !bundleContext.getBundle().hasPermission(writePerm) )
{
@@ -74,6 +78,10 @@ public final class WhiteboardServletHand
}
}
}
+ else
+ {
+ multipartSecurityContext = null;
+ }
multipartErrorCode = errorCode;
}
@@ -126,4 +134,10 @@ public final class WhiteboardServletHand
}
return false;
}
+
+ @Override
+ public Bundle getMultipartSecurityContext()
+ {
+ return multipartSecurityContext;
+ }
}
